ShinyHunters Is a Hacking Group on a Data Breach Spree
Data breaches have become an all too common threat in recent years, exposing personal information through attacks on companies and institutions. Some of these assaults are the result of sophisticated nation state espionage operations, while others are fueled by online criminals hoping to sell the stolen data. Over the first two weeks of May, a hacking group called ShinyHunters has been on a rampage, hawking what it claims is close to 200 million stolen records from at least 13 companies.
Such binges aren’t unprecedented in the dark web stolen data economy, but they’re a crucial driver of identity theft and fraud. Without new breaches, user details that are already in circulation—like account login credentials, names, addresses, phone numbers, and credit card data—simply get repackaged again and again and passed around criminal forums at lower cost. Fresh data is like gold. But while ShinyHunters came on strong in early May, dropping trove after trove of freshly stolen data, the group now seems to have gone quiet.