A group of hackers, calling it ShinyHunters, is selling 73.2 million personal records on the dark web. According to the ZDNet portal, the data was obtained following a series of computer attacks on various websites. Zoosk and Chatbooks are just two of the affected portals, but that is where most of the records came from. Altogether, 45 million records were stolen from these two platforms.
The attack was targeted at several websites, including the newspapers Chronicle of Higher Education and Star Tribune, South Korean portals for furniture and fashion brands, health magazines, delivery services, among others.
The attacks already identified could be part of a larger campaign, as the group claims to have stolen around 500GB of data from GitHub's repositories. This May, ShinyHunters were said to be responsible for the attack on the Indonesian store Tokopedia, whose database, made up of personal data of 91 million users, was put up for sale online for 5,000 dollars.
According to ZDNet, the path of attacks is aimed at generating profit for the group. The speed and scale of the campaign is not, however, common.
The investigation further suggests that, by operating under a similar standard, this group may have an affinity with another hacker group called Gnosticplayers who, in 2019, sold more than a billion personal credentials in black markets on the dark web.