Hackers from Shinyhunters Posts More Customer Records Up for Sale on the Dark Web
Hacking group Shinyhunters is selling eight million Home Chef customer records on the dark web. Also, for sale are user records from online printer ChatBooks and news site Chronicle.com. The data from Home Chef are priced at $2,500. This follows the sale of records from Unacademy and Tokopedia from Shinyhunters.
The stolen data includes email address, encrypted passwords, last four digits of payment cards, gender, age, subscription details, customer IP addresses, last four digits of social security numbers, postal codes, and phone numbers.
Last week cyber security researchers at Zero FOX reported that customer records from over ten companies were found for sale on the dark web. The hacking group, Shinyhunters, is selling databases of hacked user records for $500 to $3,500 each. In total the hackers have 73.2 million user records from over ten companies for sale.
Shinyhunters is the hacking group that claims they hacked into Microsoft’s private GitHub repository.
So far Shinyhunters, has put 22 million user records from learning platform Unacademy and another 90 million user records from Tokopedia up for sale. Tokopedia has the largest number of breached customer records. StarTribune, a US newspaper, has the lowest number for sale at one million user records. Other breached companies include dating app Zoosk and Mindful.
Does this Data Breach Affect Me?
Often internet users don’t worry as much about stolen online credentials if money was not lost. However, hacked email addresses (even if the password was not breached) can result in monetary theft. Online scams and phishing emails often begin with data taken in past data breaches. Put together with other data from social engineering, hackers can steal money or steal your identity.
People often use the same password across multiple accounts. If hackers who buy the stolen email addresses from the Shinyhunter data breaches break into the email accounts, they can use that email to start resetting the passwords to more valuable accounts. For example, if you use the same work email for your Home Chef account, you can easily out your employer at risk for a phishing email that compromises the entire IT network. Sounds unrealistic, but it happens all the time.
All totaled, Shinyhunters is selling over 73 million records for $18,000.
- Online dating app Zoosk ($500 for 30 million user records)
- Printing service Chatbooks ($3,500 for 15 million user records)
- South Korean fashion site Styleshare ($2,700 for 6 million user records)
- Food delivery service Home Chef ($2,500 for 8 million records)
- Online marketplace Minted ($2,500 for 5 million records)
- Chronicle of Higher Education ($1,500 for 3 million user records)
- South Korean furniture magazine GGuMim ($1,300 for 2 million user records)
- Mindful ($1,300 for 2 million user records)
- Indonesia online store Bhinneka ($1,200 for 1.2 million user records)
- US newspaper StarTribune ($1,100 for 1 million customer records)
What is Home Chef?
Home Chef is a subscription meal kit delivery service based in Chicago, Illinois. The company was founded in 2013. Kroger Company, the largest supermarket chain in the United States. Home Chef delivers three million meals monthly to its customers per month.
