Over 34 Million Stolen User Records is Being Sold on Hacking Forum

An exclusive report by BleepingComputer revealed that a data broker is selling about 34 million users’ records in a hacker forum. All those records were gathered from 17 companies, including the lately announced RedMart’s.

All of those records contain email addresses, hashed passwords, and other information. As of now, only two of those 17 companies have disclosed the data breach.

34 Million User Records For Sale

A data broker in a hacker forum is selling over 34 million user records collected from 17 companies. These records were collected from the various data breaches, which all happened in 2020, claims the broker. While he isn’t involved in hacking any of those companies, he’s just dealing with the selling part of that data.

This was reported by BleepingComputer, who verified the samples of those data and confirmed some of them to be true. Further, when it contacted all 17 companies regarding this illegal selling, only two of those were known to have disclosed the data breaches. While one of them is RedMart, the other is Wongnai.com.

The Wongnai has replied to BleepingComputer confirming the breach and is investigating the issue now. Rest 15 companies haven’t responded yet. While there’s no specific price for the whole, the broker may be selling the databases individually, as RedMart’s database is set for a price tag of $1,500.

When asked how the hacker has obtained access to those breached sites, the broker replied as “Not sure if he want to disclose.” Most of such stolen databases will be sold privately initially, like the Wattpad’s for $100,000. And then, they’ll be dumped for free in the groups to increase the hacker’s credit.

Here’s the list of all 17 companies whose databases were listed for sale;