The same hacker who had stolen 620 million user records has returned, this time stealing another 127 million records from various websites including Coinmama, Houzz, Petflow, and YouNow.
User data is now being sold over a dark web marketplace, Dream Market, where individuals sell malware and user data. Currently, the individual(s)–”Gnosticplayers”–is selling the stolen website credentials for around four bitcoin, which is approximately $20,000 in value according to TechCrunch’s reporting. The asking price varies based on which website the data is coming from, as well as user data quality. It is currently unclear on whether the hacker is acting alone or using a team effort in selling acquired user data from this breach.
ZDNet reports the following websites that were affected, including the number of accounts stolen and the price to which the seller is asking for:
- Ge.tt (file sharing service) – 1.83 million accounts – 0.16 bitcoin
- Ixigo (travel and hotel booking) – 18 million accounts – 0.262 bitcoin
- Roll20.net (gaming) – 4 million accounts – 0.0582 bitcoin
- Houzz (interior design) – 57 million accounts – 2.91 bitcoin
- Coinmama (cryptocurrency exchange) – 420,000 accounts – 0.3497 bitcoin
- Younow (live streaming) – 40 million accounts – 0.131 bitcoin
- StrongHoldKingdoms (gaming) – 5 million accounts – 0.291 bitcoin
- Petflow (pet food delivery) – 1 million – 0.1777 bitcoin
In just the last week, Houzz disclosed its data breach to users via email. This second wave of stolen data comes after a recent reporting by The Register which revealed sites such as MyHeritage, MyFitnessPal, HauteLook, and CoffeeMeetsBagel that were all breached in the previous week. Both MyHeritage and MyFitnessPal had already notified users of their website breach last year while CoffeeMeetsBagel had just announced their breach today. (Quite the Valentine’s Day surprise!)
Last week’s data breach which included the 620 million user accounts from 16 websites were taken down from the dark web by its seller, as “buyers complained that a prolonged sale would…lead to [the]…databases…becoming available to everyone,” as Catalin Cimpanu from ZDNet reports.