A string of data breaches is causing headaches for more than a few internet users. ZDNet has learned that the hacking group ShinyHunters is selling about 73.2 million user records the attackers say were stolen from numerous sites. About 30 million come from the dating app Zoosk, while 15 million are from the printing service Chatbooks. The rest come from a variety of sites, including the Star Tribune newspaper (1 million), South Korean fashion and furniture sites (8 million total) and the Chronicle of Higher Education (3 million).
While the legitimacy of some databases couldn’t be verified, ZDNet found that samples from the breach matched real records. Researchers in the community also believed that ShinyHunters was authentic.
This appears to be part of a larger campaign. The group also claimed to have stolen 500GB from Microsoft’s private GitHub repositories, and broke into the Indonesian online store Tokopedia earlier in May. The GitHub breach didn’t include any known sensitive material, but ShinyHunters put Tokopedia’s database on sale for $5,000. Like with many breaches, this appears to have been a cash grab — what’s surprising is the scale and speed of the effort.