[BreachExchange] Breach database company DataViper allegedly hacked with billions of records offered for sale

Destry Winant destry at riskbasedsecurity.com
Wed Jul 15 10:34:44 EDT 2020


https://siliconangle.com/2020/07/13/breach-database-company-dataviper-allegedly-hacked-billions-records-offered-sale/

Cyberthreat intelligence and breach database company DataViper has
allegedly been hacked and its database of breached credentials offered
for sale on the shady part of the internet known as the dark web.

The person behind the hack claims to have stolen more than 8,200
databases containing the information of billions of users that had
been compiled from data stolen from other companies in the past.

DataViper, like several other companies in the market, gathers details
of breached account credentials that allow users — in DataViper’s
case, corporate customers and police services — to check whether
credentials have been previously compromised. Notable among
DataViper’s customers are the Dubai Police, Europol and the U.S.
Federal Bureau of Investigation.

The details of how the alleged data breach took place are not entirely
clear. Company founder Vinny Troia told ZDNet that a hacker did gain
access to one of DataViper’s servers but the server was only a test
instance. Troia claims that the databases being offered by the hacker,
who he says is associated with several hacking groups including
TheDarkOverlord, ShinyHunters and GnosticPlayers, are the hacker’s
own, not information stolen from DataViper.

Where the story takes an interesting twist is that Troia claims that
the hack was personal because he published a book earlier this year that
detailed the activities of hacking groups. Further, he alleges that
the leak was timed to damage his reputation before a talk he’s
scheduled to give later this week at the SecurityWorld conference on
the very same hackers.

“This specific case seems to be a personal revenge incident primarily
directed to damage reputation of the allegedly breached cybersecurity
firm,” Ilia Kolochenko, founder and chief executive officer of web
security company ImmuniWeb, told SiliconANGLE. “Given the details of
the incident, a criminal investigation may have a considerable degree
of success to uncover the chain of events and identify the attackers.”

Ray Kelly, principal solutions architect and alliances at application
security platform provider WhiteHat Security Inc., noted that the hack
exemplifies how no organization is safe from a potential data breach.
“In this case, a cybersecurity firm failed to detect a malicious actor
inside their network for several months,” he noted. “It also shows the
importance of using several layers of security from web application
security to intrusion detection systems where something like this
might have been caught.”

