Hacker Steals 31 SQL Databases (1.6 million rows of data) To Extort Online Shop Owners

By   ISBuzz Team
Writer , Information Security Buzz | May 27, 2020 02:59 am PST

A hacker has stolen at least 31 SQL databases containing 1,620,000 (1.6 million) rows of information relating to the customers of online shops.

The hacker is offering samples of the data which, depending on the online shop, may reveal full names, usernames, email addresses, dates of birth, physical addresses, gender, account status, history and more, from each of the extorted e-commerce websites to prove the validity of the data and ramp up the pressure that is exerted on the database owners.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Ilia Kolochenko
Ilia Kolochenko , Founder and CEO
May 27, 2020 11:05 am

At ImmuniWeb, we first detected a database encrypting ransomware attack in 2015.

Since then, both the number and the sophistication of such attacks has skyrocketed. Many cyber gangs now leverage Machine Learning capabilities to better and faster detect outdated web applications in the Internet. They rapidly compromise, backdoor and even patch the vulnerability in a silent and seamless manner to preclude rival hacking groups from taking over the victim’s website. In today\’s pandemic bolstered e-commerce sector, however, most of the newly deployed web applications are insecure and vulnerable. We will likely see a protracted surge of new attacks targeting careless web shops. Most of them are unfortunately poised to be highly successful, and costly for the victims.

To help address the spiraling web hacking activities of this kind, at ImmuniWeb we offer a free website security test to check compliance with GDPR and PCI DSS requirements and tests for over 12,000 security vulnerabilities for 200+ CMS and 150,000+ their plugins.

Last edited 3 years ago by Ilia Kolochenko

Recent Posts

Would love your thoughts, please comment.x