Hacker selling 550 million stolen user records on hacking forum

A threat actor is selling twenty-nine databases on a hacker forum that allegedly contains a combined total of 550 million stolen user records. The actor began selling these databases on May 7th, when they posted them on a well-known hacker where threat actors can buy each one individually.

According to cyber intelligence firm Cyble, none of these data breaches appear to be new, with the oldest being from 2012 and the latest from last month. The sheer volume of user accounts for sale is concerning as the information exposed could be used to perform large-scale credential stuffing or targeted phishing attacks.

In addition to the combined total of 550 million user records, a database of 47.1 million phone numbers that were part of a 2018 Dubsmash data breach is being sold as well.

For many of the databases being sold, they include millions of already cracked passwords, which will make a purchaser’s job much easier when buying them for credential stuffing attacks.

If you have an account at any of the breached sites and have not changed it since the breach date, it is strongly suggested that you change your password to be safe. If you do not know when you last set your password, change it to be safe.

You can also see if your email was part of these breaches by checking at Cyble’s amibreached.com data breach lookup service.

Reference:

https://amibreached.com/