
A Hacker Has Dumped Nearly One Billion User Records Over the Past Two Months (zdnet.com) 72

A hacker who spoke with ZDNet in February about wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall. From a report: The hacker's name is Gnosticplayers, and he's responsible for the hacks of 44 companies, including last week's revelations. Since mid-February, the hacker has been putting batches of hacked data on Dream Market, a dark web marketplace for selling illegal products, such as guns, drugs, and hacking tools. He's released data from companies like 500px, UnderArmor, ShareThis, GfyCat, and MyHeritage, just to name the bigger names. Releases have been grouped in four rounds -- Round 1 (620 million user records), Round 2 (127 million user records), Round 3 (93 million user records), and Round 4 (26.5 million user records).
  • "500px, UnderArmor, ShareThis, GfyCat, and MyHeritage, just to name the bigger names." Other than underarmor, THESE are the BIGGER NAMES? Lol.

    • "500px, UnderArmor, ShareThis, GfyCat, and MyHeritage, just to name the bigger names." Other than underarmor, THESE are the BIGGER NAMES? Lol.

      IKR? Never heard of any of these short of UnderArmor and I haven't heard any news from that outfit for a long time.

  • by BringsApples ( 3418089 ) on Monday April 15, 2019 @02:56PM (#58441492)

    ...People all over the world are continuously giving their data away to FaceBook for free.

    • by Anonymous Coward

      Someone finally sees the elephant in the room. Nobody notices because they're all too bloody busy with the noses in their mobiles clicking "Like" and "Subscribe".

  • by Anonymous Coward
    I've had my identity stole so many times
    I don't know what I look like!
  • "wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall."

    "Dangerously close"? I'm not going to argue that this isn't bad, but does something magical happen when he releases the data for the billionth user and reaches his goal that makes it especially dangerous? Shouldn't releasing records 932,000,001 through 1,000,000,000 be at _most_ about 6.8%
  • by jbmartin6 ( 1232050 ) on Monday April 15, 2019 @03:35PM (#58441674)
    This appears to be the same person behind the "Collection #1" releases circa Jan 18th. It was just a collection of a bunch of older dumps [krebsonsecurity.com] i.e. data aggregated from other breaches [pcmag.com]. I didn't see any reason to think this person was behind all of the hacks, I got the sense he might also brag he could hack into any porn site on the Internet by putting in his mom's credit card number.
  • Advice (Score:3, Interesting)

    by Required Snark ( 1702878 ) on Monday April 15, 2019 @03:47PM (#58441716)
    Never sign up for anything ever.

    Really. Don't do online payments, don't subscribe to news organizations, don't stream games, don't get email notifications, nothing. The only sort of safe exception is medical information under HIPAA.

    Remember no organization is at risk if they leak your info. The cost of a breach is just factored into the cost of doing business. That's why HIPAA is an exception. Medical information leaks are treated extremely seriously and they can even cause an organization to be shut down.

    The only one who is at risk if personal data becomes public is you. Organizations don't give a damn about you.

    • by Anonymous Coward

      That's why HIPAA is an exception. Medical information leaks are treated extremely seriously and they can even cause an organization to be shut down.

      For those of us who work with HIPAA data on a daily basis vs. non-HIPAA data - yes, it's treated more seriously. BUT, at the end of the day - it's another factored risk. Paraphrasing Fight Club:

      "Take the number of (HIPAA records), A, multiply by the probable rate of failure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of (properly securing against a data breach), we don't (bother with proper data security)."

      Business woman on plane:
      Are there a lot of these kinds of (exposures)?

      Narrator:
      You wouldn't believe.

      Business woman on plane:
      Which (HIPAA compliant) company do you work for?

      Narrator:
      A major one.

    • You get much more fun junk mail if you claim your income's >$400,000; and your interests include hunting rifles and endangered species.
    • HIPAA is not an exception, it promises punishment of violations not guarantees of privacy... I respect your remarks, but even the DOD doesn't keep their stuff private.
    • Have there been any serious repercussions from HIPAA violations? Medical data get shared around so widely with various medical specialists, claims specialists, coders and re-coders, government agencies, research teams, etc. that 'secret' is no way to describe it. It is generally not in the forefront of news outlets since it is a bit harder to monetize, but there is plenty of medical fraud already going on with leaked health records.
