- The ShinyHunters cybercrime operation runs a data exfiltration and sales business that appears to be off to a roaring start again this year, following on the heels of its data breach spree last year.
- Many of last year’s biggest hits apparently trace back to one gang: ShinyHunters.
- After nearly 50 data breaches in 2020, so far this year, the gang has already been blamed for data breaches at e-commerce site Bonobo and dating site MeetMindful.
- Last month, ShinyHunters posted stolen Bonobo data to cybercrime forum RaidForums, including account information for nearly 2 million registered users.
- In January, for example, a RaidForums user called “Spiral” posted what they said was the set of data exposed in the September 2020 breach of Australian PDF-creation service Nitro, which the user said had been “dumped by ShinyHunters.”
- “ShinyHunters has made a number of posts about being frustrated that people were reselling their data, so they release it for free or dirt cheap,” said Zack Allen, director of threat intelligence at ZeroFOX.
– Mathew Schwartz | February 18, 2021
