Over 23,000 hacked databases shared over Telegram and Discord

Around 13 billion user files are believed to be circulating on hacker forums

Over 50GB of data from 23,000 hacked databases have been shared by hackers across Telegram channels and two hacking forums, it has emerged.

A total of 23,618 databases were able to be downloaded through the Mega file hosting service, amounting to a dataset of around 13 billion personal files. The link was later taken down following abuse reports but there are fears that the data has entered the public domain, according to reports from ZDNet.

The databases are said to have come from Cit0Day.in, an underground service launched in January 2018 that provides hacked password data to criminals for a monthly fee. So far, the collection of data has been shared on Russian-speaking hacker forums, the voice chat app Discord, and Telegram channels managed by nefarious data traders.

On 14 September, this service showed users what appeared to be an FBI and US Department of Justice seizure notice. According to threat intelligence service KELA, the seizure noticed appear to be fake and copied from another website. It is not known if the site's creator, known as Xrenovi4, has been arrested.

The databases themselves are from both big-name internet portals as well as smaller, lesser-known websites. Evidence suggests the data is already being exploited by cyber criminals to carry out credential stuffing and password spraying attacks against users who have reused passwords across a number of websites.

Boris Cipot, senior security engineer at Synopsys, told IT Pro that when stolen data is made public or sold to the highest bidder, the race to exploit these affected users begins.

“The problem is that this leak contains data from more than 23,000 databases," said Cipot. "Some of the data is old, some new. For now, it is hard for anyone to be sure that their name, username, passwords, or other data, has not been exposed. Therefore, I would recommend that everyone change their passwords on services they use – just in case."

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

FBI warns of ongoing corporate vishing attacks
phishing

FBI warns of ongoing corporate vishing attacks

19 Jan 2021
How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021