Over 23,000 hacked databases shared over Telegram and Discord

Around 13 billion user files are believed to be circulating on hacker forums

Over 50GB of data from 23,000 hacked databases have been shared by hackers across Telegram channels and two hacking forums, it has emerged.

A total of 23,618 databases were able to be downloaded through the Mega file hosting service, amounting to a dataset of around 13 billion personal files. The link was later taken down following abuse reports but there are fears that the data has entered the public domain, according to reports from ZDNet.

The databases are said to have come from Cit0Day.in, an underground service launched in January 2018 that provides hacked password data to criminals for a monthly fee. So far, the collection of data has been shared on Russian-speaking hacker forums, the voice chat app Discord, and Telegram channels managed by nefarious data traders.

On 14 September, this service showed users what appeared to be an FBI and US Department of Justice seizure notice. According to threat intelligence service KELA, the seizure noticed appear to be fake and copied from another website. It is not known if the site's creator, known as Xrenovi4, has been arrested.

The databases themselves are from both big-name internet portals as well as smaller, lesser-known websites. Evidence suggests the data is already being exploited by cyber criminals to carry out credential stuffing and password spraying attacks against users who have reused passwords across a number of websites.

Boris Cipot, senior security engineer at Synopsys, told IT Pro that when stolen data is made public or sold to the highest bidder, the race to exploit these affected users begins.

“The problem is that this leak contains data from more than 23,000 databases," said Cipot. "Some of the data is old, some new. For now, it is hard for anyone to be sure that their name, username, passwords, or other data, has not been exposed. Therefore, I would recommend that everyone change their passwords on services they use – just in case."

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

Microsoft touts new cyber security help for nonprofits
cyber security

Microsoft touts new cyber security help for nonprofits

22 Oct 2021
A quarter of all malicious JavaScript is obfuscated
hacking

A quarter of all malicious JavaScript is obfuscated

20 Oct 2021
Organizations warned of ransomware risk from smaller operators
ransomware

Organizations warned of ransomware risk from smaller operators

19 Oct 2021
Iranian hacking group continues to target US citizens
hacking

Iranian hacking group continues to target US citizens

18 Oct 2021

Most Popular

UK spy agencies supercharge espionage efforts with AWS data deal
cloud computing

UK spy agencies supercharge espionage efforts with AWS data deal

26 Oct 2021
Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Cryptocurrency: Should you invest?
cryptocurrencies

Cryptocurrency: Should you invest?

27 Oct 2021