[BreachExchange] ShinyHunters is Leaking Data of all the Big Conglomerates

Destry Winant destry at riskbasedsecurity.com
Tue May 11 10:26:03 EDT 2021


https://www.ehackingnews.com/2021/05/shinyhunters-is-leaking-data-of-all-big.html

Following the hacking of masked credit and debit card data belonging to
crores of Juspay customers, independent cybersecurity analyst Rajshekhar
Rajaharia reported on January 6, 2021, that the same hacker, likely branded
as 'ShinyHunters,' is now selling databases belonging to three more Indian
companies on the Dark Web.

ShinyHunters, the well-known hacker responsible for exposing the accounts
of companies such as Animal Jam, Mashable, Upstox, and 123RF, among others,
has returned with yet another high-profile data breach.

The hacker has recently focused on leaking databases belonging to Indian
institutions. While unconfirmed, it is thought that the hacker's extortion
efforts failed, and as a result, the hacker leaks the stolen info.

This time, ShinyHunters has leaked a database belonging to WedMeGood, a
prominent Indian wedding planning website that handles everything from
location selection to photographer bookings and wedding outfit
arrangements. WedMeGood has a website and an app that allows couples
planning weddings to find nearby vendors and get ideas and inspiration for
their big day. The business is headquartered in Gurgaon and was founded in
2014 by Mehak Sagar Shahani and Anand Shahani.

According to Hackread.com's review, the database contains 41.5 GB of data,
including the city, gender, full names, phone numbers, email addresses,
password hashes, booking leads, last login date, account formation date,
Facebook unique ID numbers, and holiday summary for Airbnb.

JusPay, a Bengaluru-based digital payments portal, previously stated that
their Secure Data Store, which houses sensitive card numbers, had not been
accessed or leaked. "Thus, all our customers were secure from any kind of
risk. Our priority was to inform the merchants and as a measure of abundant
precaution, they were issued fresh API keys though it was later verified
that even the API keys in use were safe," the company said.

The hacker, according to Rajaharia, is the same one who leaked BigBasket
info, as confirmed by cybersecurity firm Cyble. BigBasket, one of India's
most popular online grocery stores, discovered that its data of over 20
million users had been compromised and was for sale on the dark web for
over $40,000 in November of last year.

"Now, the same hacker group is asking about $10,000 in Bitcoin for the
BigBasket database and is also selling the three companies' databases,"
Rajaharia said. "There is a strong connection between all these recent data
leaks, including BigBasket," he added.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210511/2e2375d7/attachment.html>


More information about the BreachExchange mailing list