A Cyber-criminals group named ShinyHunters claims to have breached ten companies and is currently selling their respective user databases on a dark web marketplace for illegal products.
The hackers are the same group who breached last week Tokopedia, Indonesia’s largest online store. Hackers initially leaked 15 million user records online, for free, but later put the company’s entire database of 91 million user records on sale for $5,000.
Cyber intelligence firm Cyble told BleepingComputer that Shiny Hunters had started to “flood the market” with new data breaches from other companies, bringing the total amount of user databases being sold to 11.
| Company | User Records | Price |
| Tokopedia | 91 million | $5,000 |
| Homechef | 8 million | $2,500 |
| Bhinneka | 1.2 million | $1,200 |
| Minted | 5 million | $2,500 |
| Styleshare | 6 million | $2,700 |
| Ggumim | 2 million | $1,300 |
| Mindful | 2 million | $1,300 |
| StarTribune | 1 million | $1,100 |
| ChatBooks | 15 million | $3,500 |
| The Chronicle Of Higher Education | 3 million | $1,500 |
| Zoosk | 30 million | $500 |
The listed databases total for 73.2 million user records, which the hacker is selling for around $18,000, with each database sold separately. From samples of user records seen by BleepingComputer, the data breaches look legitimate, but they have not been 100% confirmed.
