A notorious hacker or group of hackers is offering a copy of a database allegedly containing 386 million user records after posting a link to the database on a marketplace used by cybercriminals.
Calling themselves ShinyHunters, the threat actors claim to have data stolen from 18 different websites over the past seven months.
According to BleepingComputer, ShinyHungers began uploading the database to a forum last week where anyone can download it for free.
ShinyHunters is believed to have played a role in high-profile data breaches at HomeChef, Promo.com, Mathway, Chatbooks, Dave.com, Wattpad, and even Microsoft's GitHub account. Many of these records were previously sold online.
The free data was reportedly provided by the following companies, several of which have confirmed data breaches in the past few months.
Suspected data breaches at Appen.com, Drizly.com, Havenly.com, IndabaMusic.com, Ivoy.mx, Proctoru.com, Rewards1.com, Scentbird.com and Vakinha.com.br BleepingComputer notes that this had not been previously reported.
Lawrence Abrams of BleepingComputer, after browsing some of these databases, believes that the data is indeed legitimate because "the published email addresses correspond to accounts on the service."
ShinyHunters is likely making a lot of money by selling this data online. The cheapest database is offered for $500 (Zoosk), and the most valuable is valued at $100,000 (WattPad).
ShinyHunters explains to BleepingComputer why he, she, or they provide the data.
"I thought, 'I've made enough money,' so I leaked it for everyone. Obviously, some people are a little upset because I paid the reseller a few days ago, but I don't care."
ESET security specialist Jake Moore told Tom's Guide: "Even stolen data has a shelf life, so it wouldn't be a big surprise if some of this data was given away for free after some time has passed since it was released.
"What is interesting, however, is that half of these breaches were not made public earlier.
For affected users, Moore recommends: "It goes without saying that if you have an account with any of the listed compromised services, make sure you change your password and, if available, enable two-factor authentication as an additional layer of protection
Cybersecurity.
Daniel Lewis, CEO and co-founder of cybersecurity firm Awen Collective, added: " We encourage everyone, including those who use the Dave service, to plug their email address into the HaveIBeenPwned website to see if their details have been compromised."
Tom's Guide also recommends that everyone use the best password manager to ensure that even if one account is compromised, all accounts are not.
Comments