Another dump appeared on the darknet, this time 93 million users are selling records

[Hacker]

Last week, a hacker (or a group of individuals) using the pseudonym Gnosticplayers put up two large dumps for sale on the Dream Market.

The first set includes data from 620 million users on 16 major sites, including MyHeritage, 500px and Dubsmash. For this dump, the attacker asked for a total of about $ 20,000 (in bitcoins).

Then a second dump appeared on sale, containing 127 million records of users of 8 more compromised companies, including the Ge.tt file hosting service and the Coinmama cryptocurrency exchange. This collection is valued at $ 14,500 in cryptocurrency.

At the same time, the attacker willingly communicates with media representatives and has already told reporters that he is not going to stop. He stated that in total he has about 20 different bases at his disposal, some of which he intends to put up for sale, while others are saving for personal use. In total, these "compilations" include information about a billion different accounts, and the oldest leaks date back to 2012.

Apparently, Gnosticplayers did not lie, as now a third compilation has appeared on Dream Market, including information on another 92.76 million users, valued by the criminal at 2.6249 BTC (approximately $ 9,400).

The most "noticeable" leak in this dump is information about 8,000,000 users of the popular GIF hosting company GfyCat. The new dump includes:

As mentioned above, Gnosticplayers are willing to talk to the press. Now, in an interview with journalists from ZDNet, he said that he was directly related to the hacking of listed companies, and not just acting as an intermediary for the resale of data. Also, Gnosticplayers once again confirmed that it intends to sell information about almost 1 billion users in total.

When asked why he was doing this, Gnosticplayers explained that he was only interested in two things: "money and the ruin of American pigs."

The fact is that each “lot” of the attacker also contains a message in which he denounces the American and British authorities for the arrest of another hacker, George Duke-Cohan, whom Gnosticplayers in their messages calls “young and a talented boy. "He was a member of the Apophis Squad, was arrested last summer, sentenced to three years in prison in the UK, and now faces up to 65 years in prison in the United States.

 

[Tomcat]

Information for 142 million MGM hotel clients is up for sale on the darknet​

In February 2020, the personal data of 10,683,188 clients of the MGM Resorts hotel chain were published on one of the underground forums , but the data leak turned out to be much larger than originally reported. More than 142 million hotel customers are believed to have been affected by the incident, not just 10.6 million, ZDNet reported.

The hacker published on one of the underground trading platforms on the darknet an advertisement for the sale of a database containing records of 142,479,937 clients of MGM hotels, for a price of just over $ 2.9 thousand. According to the seller, the information was obtained as a result of hacking the DataViper data leak monitoring service. owned by the American information security company Night Lion Security.

Night Lion Security founder Vinny Troia told ZDNet that his company never owned a copy of the full MGM database, and that hackers are simply trying to damage the reputation of the information security firm.

MGM Resorts International has notified its clients who may have been affected by the data breach. The company also noted that it was aware of the scale of the incident.

“MGM Resorts was aware of the scale of this incident last summer and has already reviewed the situation. The vast majority of data consists of contact information such as names, postal addresses and email addresses, ”MGM Resorts said.