Recent reports reveal alarming statistics regarding data breaches and their implications for cybersecurity. In 2018 alone, over 5 billion records were exposed due to approximately 6,500 data breaches, as indicated by a report from Risk Based Security. Additionally, DLA Piper documented that more than 59,000 data breaches have been reported across Europe since the implementation of the General Data Protection Regulation (GDPR) in 2018. However, the stark reality is that many of these breaches go unreported, with estimates suggesting that more than half remain undisclosed.
In light of this context, a recent discovery of massive unreported data breaches has come to light. A hacker known as Gnosticplayers initiated the sale of stolen user databases, which contain millions of compromised accounts from a range of well-known websites. This activity highlights significant vulnerabilities that can affect both businesses and consumers alike.
Gnosticplayers made headlines last week when they listed stolen accounts from 16 popular websites on the dark web marketplace, Dream Market. The sale included details of nearly 620 million compromised accounts in the initial batch and an additional 127 million records from subsequent breaches. The third round of breached account sales, touted by the hacker as their final offering, disclosed over 92 million hacked accounts from eight websites, one of which is the widely used GIF hosting platform, Gfycat.
According to Gnosticplayers, the third batch of compromised accounts originates from several online services, including Pizap, an online photo editor with 60 million records, and Jobandtalent, an online job portal, containing 11 million records. Other affected entities include fitness service Classpass and real estate platform Streeteasy. The total estimated value of these databases reaches approximately 2.6249 Bitcoin, equivalent to around $9,700.
The hacker’s actions have raised concerns regarding the lack of awareness among the affected companies regarding these breaches. None of the organizations linked to the third batch of compromised accounts had previously disclosed any data breach incidents. Given that many entities listed in earlier rounds have since acknowledged their unreported breaches, it is plausible that the latest batch also contains legitimate, compromised data.
As these accounts are now available for purchase, it’s crucial for users associated with any of the impacted services to take immediate action. Changing passwords across all platforms, particularly where similar credentials have been reused, becomes paramount in curbing potential unauthorized access.
From a cybersecurity perspective, various tactics may have been employed in executing these breaches. The MITRE ATT&CK framework identifies initial access, exfiltration, and persistence as potential tactics used in such attacks. Understanding these methodologies underscores the importance of robust security measures for businesses, particularly in an evolving landscape where data integrity is perpetually at risk.
As the implications of these breaches unfold, vigilance remains essential for businesses looking to safeguard their data and user privacy from emerging threats. Regular updates on existing security protocols and user education on best practices are vital in mitigating the risks involved in this digital age.
