Threat intelligence firm Cyble discovered that personal records of U.S. citizens were exposed on darknet forums. The researchers stated that an unknown hacker posted an advertisement on the dark web claiming that they had stolen personal details of more than 40,000 U.S. citizens. The exposed information included citizens’ first names, last names, address, city, state, Zip codes, social security numbers (SSNs), and date of birth.
Cyble’s researchers also recommended certain security measures to online users, these include:
- Never share personal information, including financial information over the phone, email, or SMS
- Use strong passwords and enforce multi-factor authentication where possible
- Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately
- Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
- Use a reputed anti-virus and internet security software package on your connected devices including PC, laptop, and smartphone
Stolen Data Floods Darknet
The discovery comes after Cyble recently identified and reported another massive data breach, in which the members of the “Shiny Hunters” hacking group compromised 73.2 million user records from over 11 companies and kept them on the darknet for sale. The hackers are from the same group who are behind the Tokopedia data breach, in which 91 million user records were compromised and kept on sale on the hacking forums for $5,000. Later, the group breached India-based online learning platform Unacademy, which exposed details of 22 million users and kept the records for sale on the darknet forums for $2,000.
Several incidents have been reported in recent times about hackers selling stolen information on the darknet markets. According to Cyble, attackers were also selling over 267 million Facebook records for £500 (US$623) on dark websites and hacker forums. The records contain information that could allow attackers to perform spear phishing or SMS attacks to steal credentials.