A Hacker Has Dumped Nearly One Billion User Records Over the Past Two Months (Apr 15, 2019)
A threat actor by the name of “Gnosticplayers” has breached over 44 companies and stolen almost one billion records. The actor has put up approximately 932 million records across five different release rounds, selling them on various Dark Web marketplaces for Bitcoin. The most recent companies to have their data published by the threat actor include Evite, iCracked, Mindjolt, Moda Operandi, Wanelo, and Yanolja.
Recommendation: It is important that your company and employees use different passwords for different accounts that are being used. As this story portrays, previous breaches can allow actors to gain access to other accounts because users frequently use the same username and password combinations for multiple accounts. Anyone who has an account mentioned above should change their password, and any account the same password was used on, as soon as possible.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.