Go to listing page

Cyberattack on ChatBooks, Data Sold on Dark Web

Cyberattack on ChatBooks, Data Sold on Dark Web
ChatBooks - an online photo printing service - disclosed to its users that user credentials were stolen from their systems in a cyber attack. The data of 15 million users are now being sold on the dark web.

What happened

ChatBooks data breach is just another in a series of breaches by a hacker group, Shiny Hunters. This group is selling millions of user records from 11 companies. The records were held for over a month and now they are being sold on the dark web for USD 3,500 for 15 million records. A sample was provided that consisted of PII, social media access tokens, email addresses, and hashed passwords.

The situation

  • The company got to know about the breach on May 5, 2020, two days after the group started advertising the user records on the dark web market.
  • The breach actually took place on March 26, 2020.
  • Although ChatBooks is not the first or only company to be attacked by Shiny Hunters, they are the first to acknowledge the hack.

What the experts are saying

  • The CEO of ChatBooks stated that a small section of the stolen records includes inactive social media access, merchant tokens, phone numbers, and Facebook IDs.
  • The company informed its customers that no credit card information was stolen since it is not stored in the database.
  • The company alerted its users that they are working with a digital security and forensics organization to evaluate the extent of the breach.

More about the breach

  • There is no evidence that photos or any other information were stolen.
  • Hackers can convert the passwords into hashes, add salt, and compare the results with what the stolen database provides. A match means that a password has been cracked.
  • The information is not offered exclusively by the hackers and the details released have attracted a healthy amount of buyers.

In essence

It has been suggested by the company that users should change their passwords as soon as they can to avoid their accounts being compromised.

Cyware Publisher

Publisher

Cyware