fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

11 companies stolen data floods the darknet by Hacker group

A hacking group has started to flood a dark web hacking marketplace with databases containing a combined total of 73.2 million user records over 11 different companies.

For the past week, a hacking group known as Shiny Hunters has been busy selling a steady stream of user databases from alleged data breaches.

It started last weekend with Tokopedia, Indonesia’s largest online store, where a database of over 90 million user records was being sold.

Soon after, Shiny Hunters began selling a database of 22 million user records for Unacademy, one of India’s largest online learning platforms. After being contacted by BleepingComputer, the company released a statement that their company was breached.

On Wednesday, Shiny Hunters continued their rampage by claiming to hack into Microsoft’s GitHub account earlier this year and leaking files from the company’s private source code repositories.

Microsoft GitHub account breach
Microsoft GitHub account breach

While Microsoft has not officially admitted that their GitHub account was breached, sources have told BleepingComputer that the shared data was indeed private repositories only accessible to Microsoft employees.

Now selling user records from 11 data breaches

Earlier this week, BleepingComputer was told by cyber intelligence firm ZeroFox that Shiny Hunters had begun selling databases for the meal kit delivery service HomeChef, photo print service ChatBooks, and Chronicle.com, a news source for higher education.

Chatbooks breach

With the three databases combined, there are a total of 26 million accounts being sold with initial prices for each database ranging between $1,500 and $2,500. Some of the prices have changed since then (e.g. for the ChatBooks records, the initial offer increased to $3,500).

Soon after reporting on these breaches, ChatBooks started sending data breach notifications to their users.

Last night, cyber intelligence firm Cyble told BleepingComputer that Shiny Hunters had started to “flood the market” with new data breaches from other companies, bringing the total amount of user databases being sold to 11.

CompanyUser RecordsPrice
Tokopedia91 million$5,000
Homechef8 million$2,500
Bhinneka1.2 million$1,200
Minted5 million$2,500
Styleshare6 million$2,700
Ggumim2 million$1,300
Mindful2 million$1,300
StarTribune1 million$1,100
ChatBooks15 million$3,500
The Chronicle Of Higher Education3 million$1,500
Zoosk30 million$500

From samples of user records seen by BleepingComputer, the data breaches look legitimate, but they have not been 100% confirmed.

Sample user database being sold
Sample user database being sold

After being told about the new databases being sold, BleepingComputer had contacted the affected companies but has not heard back yet.

To be safe, if you have an account at any of the sites listed above, it is strongly suggested that you change your password to a strong and unique one used only at that site.

If the same password has been used at other sites, change your password to a unique one there as well.

Source: https://www.bleepingcomputer.com/news/security/hacker-group-floods-dark-web-with-data-stolen-from-11-companies/

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us