Hackers are selling some 34 million user records held in databases they claim have been ripped off from 17 companies in data breaches earlier this year, a recent report said.
An ad in a dark web forum posted on October 28 offered the databases for sale, BleepingComputer said. The seller told Bleeping Computer that it was brokering the databases, wasn't responsible for the data breaches and declined to reveal how much they were worth on the open market. The seller reportedly refused to say how the sites had been cyber burgled.
According to BleepingComuter, stolen databases are usually sold in sales to private sites from $500 to $100,000.
Roughly 75 percent of the stolen records, which include user names, passwords, email addresses, personal credentials and more, come from six companies, with Geekie.com the largest haul at just over eight million records. The seller reportedly told BleepingComputer that the database belonging to Singapore-based RedMart, the best known of the affected companies, carries a price tag of $1,500.
Here’s a list of the compromised organizations and the number of records stolen:
Geekie.com.br: 8.1 million
Clip.mx:4.7 million
Wongnai.com: 4.3 million
Cermati.com: 2.9 million
Everything5pounds.com: 2.9 million
Eatigo.com: 2.8 million
Katapult.com: 2.2 million
Wedmegood.com: 1.3 million
RedMart: 1.1 million
Coupontools.com: 1 million
W3layouts.com: 789,000
Game24h.vn: 779,000
Invideo.io: 571,000
Apps-builder.com: 386,000
Fantasycruncher.com: 227,000
Athletico.com.br: 162,000
Toddycafe.com: 129,000
According to BleepingComputer, thirteen of the 17 breached companies have stolen email accounts that map to the organization. None had reported a data breach of stolen records until RedMart and Wongnai.com confirmed the break-ins to BleepingComputer in the last few days.
BleepingComputer advises users that visit one or more of the affected sites to assume the site has been breached and change their passwords. In addition, if users sign on with the same password at multiple sites, change it to a secure one used only for that site.
