HomeData BreachShinyHunters claims Santander breach, promoting information for 30M prospects

ShinyHunters claims Santander breach, promoting information for 30M prospects

A menace actor generally known as ShinyHunters is claiming to be promoting a large trove of Santander Financial institution information, together with data for 30 million prospects, staff, and checking account information, two weeks after the financial institution reported a data breach.

ShinyHunters is thought for promoting and leaking information from quite a few corporations over time, together with this week’s alleged huge Ticketmaster data breach impacting 560 million individuals.

They’re additionally the proprietor of BreachForums, a infamous on-line neighborhood trafficking within the sale and leaking of stolen information which has survived a number of regulation enforcement takedowns over the previous couple of years

Two weeks in the past, Spain’s largest financial institution, Santander, disclosed a data breach after detecting unauthorized entry to a database hosted by a third-party supplier.

The corporate’s investigation decided that the menace actor accessed information for workers and prospects in Chile, Spain, and Uruguay.

“Following an investigation, we now have now confirmed that sure data referring to prospects of Santander Chile, Spain and Uruguay, in addition to all present and a few former Santander staff of the group had been accessed,” reads a press release from Santander.

See also  ADT discloses second breach in 2 months, hacked by way of stolen credentials

“Buyer information in all different Santander markets and companies usually are not affected.”

Quick ahead two weeks, and as first noticed by Darkish Internet Informer, ShinyHunters is now claiming to promote the information for Santander prospects in Chile, Spain, and Uruguay for $2 million, the identical information the financial institution reported was stolen.

Selling of Santander Bank data on a hacking forum
Promoting of Santander Financial institution information on a hacking discussion board
Supply: BleepingComputer

ShinyHunters claims that the stolen information accommodates the private data of 30 million prospects and staff, 28 million bank card numbers, and 6 million account numbers and balances.

As a part of the sale itemizing, the menace actor additionally shared samples of the information that accommodates the listed data however can’t be confirmed to belong to Santander.

This itemizing comes quickly after the FBI seized BreachForums on Could fifteenth, which was operated by ShinyHunters and one other menace actor generally known as Baphomet.

Whereas ShinyHunters says that Baphomet was arrested, he shortly restored the BreachForums website from a backup to a brand new area.

See also  Cisco investigates breach after stolen information on the market on hacking discussion board

Since then, the menace actor posted the sale of Ticketmaster and Santander, which some really feel was accomplished to revive the repute of the positioning after its takedown by regulation enforcement.

Nevertheless, what makes these gross sales uncommon is that each had been first listed on the Russian-speaking Exploit hacking discussion board days earlier than they had been listed on the newly-restored BreachForums.

Santander data sold on Exploit earlier in the week
Santander information offered on Exploit earlier within the week
Supply: Kela

These gross sales had been listed beneath the accounts of recent members, with no reference to BreachForums or ShinyHunters, making others consider the sale on BreachForums is a faux.

Nevertheless, ShinyHunters has generally acted as a data breach dealer for different menace actors prior to now, and it isn’t unusual for these menace actors to create new aliases on numerous boards to promote stolen information.

Whereas TicketMaster has not confirmed whether or not a data breach occurred, ShinyHunters has a repute for promoting legitimate data breaches prior to now.

See also  Casio discloses data breach impacting prospects in 149 international locations

In 2021, Shiny Hunters claimed to be promoting the stolen information of 73 million AT&T prospects, which the corporate repeatedly denied to BleepingComputer.

“I do not care if they do not admit. I am simply promoting,” ShinyHunters advised BleepingComputer on the time.

In 2024, after the AT&T information was leaked on a hacking discussion board, AT&T lastly confirmed that the information was legit and that they’d suffered a breach.

Previously, ShinyHunters has breached or leaked the information for quite a few corporations, together with Wattpad, Tokopedia, Microsoft’s GitHub account, BigBasket, Nitro PDF, Pixlr, TeeSpring, Promo.com, Mathway, and lots of extra.

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular