Data Breaches: ShinyHunters’ Dominance Continues

Data Breaches: ShinyHunters’ Dominance Continues

Posted February 18, 2021

Data Breaches: ShinyHunters’ Dominance Continues

  • The ShinyHunters cybercrime operation runs a data exfiltration and sales business that appears to be off to a roaring start again this year, following on the heels of its data breach spree last year.
  • Many of last year’s biggest hits apparently trace back to one gang: ShinyHunters.
  • After nearly 50 data breaches in 2020, so far this year, the gang has already been blamed for data breaches at e-commerce site Bonobo and dating site MeetMindful.
  • Last month, ShinyHunters posted stolen Bonobo data to cybercrime forum RaidForums, including account information for nearly 2 million registered users.
  • In January, for example, a RaidForums user called “Spiral” posted what they said was the set of data exposed in the September 2020 breach of Australian PDF-creation service Nitro, which the user said had been “dumped by ShinyHunters.”
  • “ShinyHunters has made a number of posts about being frustrated that people were reselling their data, so they release it for free or dirt cheap,” said Zack Allen, director of threat intelligence at ZeroFOX.

– Mathew Schwartz | February 18, 2021