Posted on January 25, 2021 at 3:32 PM
The ShinyHunters hacker has been on the news lately, as he has been involved in series of data leaks within the past week.
A recent report revealed that the hacker has exposed data from yet another company. This time, the victim is the MeetMindful dating site, with data of 2.8 million user records from the site leaked on the dark web.
A report from a security researcher who detailed the incident shows that the leaked data was packed in a 1.2GB file, and has been shared for free on a darknet forum.
“The content of this file includes a wealth of information that users provided when they set up profiles on the MeetMindful site and mobile apps,” the report explains.
The content of the file includes information provided by the users when they were signing up for the platform’s services.
Users could be targets of phishing attacks
The sensitive details include the real names of the users, their body details, state and ZIP details, dates of birth, dating references, email addresses, marital status, Facebook user IDs, Bcrypt-hashed account passwords, as well as their IP addresses.
Shinyhunters involved again
ShinyHunters have been mentioned in several data breaches recently. The hacker was also involved in the leak of sensitive data of 3.25 million users of the BuyUcoin crypto exchange.
And only last week, the hacker leaked data of 1.9 million users from photo editing firm Pixlr. Reports also revealed that ShinyHunters also leaked the data from India’s BigBasket and ChqBook.
Other Indian firms were victims of cyberattacks by the same hacker. Wedding planning website WedMeGood and e-marketplace ClickIndia are other firms that have suffered a data breach from ShinyHunters, as reported in the media.
For the affected MeetMindful users, the exposed data could be used by threat actors to launch future phishing and extortion attacks. It could also provide information for a threat actor to trace their real-world identities.
The leaked data is still available to the public on the darknet forum where it was originally leaked.
Hackers are using any avenue to extort money from their victims, with many engaged in sextortion.
The normal tactic is to contact the dating site users, especially those who are married and threaten to expose them if they don’t pay a stated ransom.
At the time of writing, the data theft at MeetMindful has not been addressed publicly by the dating site.
However, the leaked file doesn’t contain shared messages by the users, but it doesn’t make it less sensitive than it already is.
Some of the leaked accounts do not have the complete details, but the data they provided is enough for a threat actor to start hatching plans against the user.
Presently, the threat where the leaked data was posted has had over 1,500 views. Since it’s a darknet forum, it’s believed that the majority of those that viewed the thread have also downloaded the data. It puts the affected users at risk of a phishing attack.
Most Leaks Come From Unsecure AWS S3 Buckets
It’s not clear how the data was compromised on MeetMindful, but Shinyhunters is notorious for getting data from misconfigured Amazon Web Services Inc. S3 buckets and databases.
Pravin Rasiah, Vice president of CloudSphere, a cloud management platform, stated that one of the most common causes of data breaches is improperly secured AWS S3 buckets.
He further stated that S3 buckets are more frequently exposed, and hackers are always ready to pounce at the opportunity of stealing data when it happens.
Once an experienced user ticks the ‘all users’ access option, it leaves the S3 bucket exposed to the public. As a result, hackers are always waiting on the sidelines for such mistakes, when they will have the opportunity to attack.
Rasiah stated that it’s necessary to prevent such incidents from happening. According to him, companies need to promote massive awareness about the cloud environment. They should set aside a budget for training users on the basics when it comes to using the cloud environment and making it safe.