Researchers from cybersecurity firm Lucy Security discovered a collection of two SQL databases exposed on darknet forums. It was found that the databases contain stolen information from 945 websites, hacked by different attackers from across the world. The databases host around 150GB SQL files which were released on June 1 and June 10 2020, respectively. The exposed information included usernames, phone numbers, full names, hashed and non-hashed passwords, IP, email addresses, and physical addresses.
Among the 945 compromised sites, the researchers identified 14 government sites belonging to Ukraine, Israel, the U.K., Pakistan, Russia, Lebanon, Belarus, Rwanda, and Kyrgyzstan. Over 14 million users are said to be affected in the incident.
“As if this was not alarming enough, this might be only the beginning. The entity who collected and shared the databases on the dark web claims to have gathered these so-called private databases without having committed any hacking by themselves, yet they also claim to possess even more databases, which they are planning to share or sell to the highest bidder,” the researchers said in a statement.
Connection to Collection #1 Breach
The researchers at Lucy Security clarified that the new data leak does not relate to Collection #1, a massive data leak that exposed 773 million records from different sources on dark web last year. “This is an entirely new threat, none of the databases were known to the public before,” the researchers said.
Darknet Flooded with Leaked Databases
Researchers from security firm Cyble stated that a hacking group “Shiny Hunters” is selling Wishbone.io database on darknet forums. The leaked database contained over 40 million records of Wishbone users–a social platform that allows users to compare social content via voting poll. It is found that the Shiny Hunters group was responsible for numerous data breaches including the breach of 73.2 million user records from over 11 companies. The hackers are also behind the Tokopedia data breach, in which 91 million user records were compromised and kept on sale on the hacking forums for $5,000. Later, the group breached India-based online learning platform Unacademy, which exposed details of 22 million users and kept the records for sale on the darknet forums for $2,000.