Hacker Steals 31 SQL Databases (1.6 million rows of data) To Extort Online Shop Owners

A hacker has stolen at least 31 SQL databases containing 1,620,000 (1.6 million) rows of information relating to the customers of online shops.

The hacker is offering samples of the data which, depending on the online shop, may reveal full names, usernames, email addresses, dates of birth, physical addresses, gender, account status, history and more, from each of the extorted e-commerce websites to prove the validity of the data and ramp up the pressure that is exerted on the database owners.

Experts Comments

May 27, 2020
Ilia Kolochenko
Founder and CEO
ImmuniWeb
At ImmuniWeb, we first detected a database encrypting ransomware attack in 2015. Since then, both the number and the sophistication of such attacks has skyrocketed. Many cyber gangs now leverage Machine Learning capabilities to better and faster detect outdated web applications in the Internet. They rapidly compromise, backdoor and even patch the vulnerability in a silent and seamless manner to preclude rival hacking groups from taking over the victim’s website. In today's pandemic bolstered .....Read More
At ImmuniWeb, we first detected a database encrypting ransomware attack in 2015. Since then, both the number and the sophistication of such attacks has skyrocketed. Many cyber gangs now leverage Machine Learning capabilities to better and faster detect outdated web applications in the Internet. They rapidly compromise, backdoor and even patch the vulnerability in a silent and seamless manner to preclude rival hacking groups from taking over the victim’s website. In today's pandemic bolstered e-commerce sector, however, most of the newly deployed web applications are insecure and vulnerable. We will likely see a protracted surge of new attacks targeting careless web shops. Most of them are unfortunately poised to be highly successful, and costly for the victims. To help address the spiraling web hacking activities of this kind, at ImmuniWeb we offer a free website security test to check compliance with GDPR and PCI DSS requirements and tests for over 12,000 security vulnerabilities for 200+ CMS and 150,000+ their plugins.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.