Data leak monitoring service, Data Viper, has suffered from a data breach. In all, 8,200 previously leaked databases have allegedly been stolen.
Data leak monitoring service, Data Viper, has wound up being the latest victim of a data breach. The service monitors the web for leaked and hacked databases online. In turn, they collect and store the databases they come across and allow people to scan for their login credentials. In essence, it’s a service similar to HaveIBeenPwned.
Now, we are learning that, as an act of revenge, a hacker says he’s been able to hack the service and steal 8,200 databases that were stored on the service. In turn, the databases were then posted on the dark web for all to peruse. From ZDNet:
Earlier today, a hacker going by the name of NightLion (the name of Troia’s company), emailed tens of cyber-security reporters a link to a dark web portal where they published information about the hack.
The site contains an e-zine (electronic magazine) detailing the intrusion into DataViper’s backend servers. The hacker claims to have spent three months inside DataViper servers while exfiltrating databases that Troia had indexed for the DataViper data leak monitoring service.
The hacker also posted the full list of 8,225 databases that Troia managed to index inside the DataViper service, a list of 482 downloadable JSON files containing samples from the data they claim to have stolen from the DataViper servers, and proof that they had access to DataViper’s backend.
Furthermore, the hacker also posted ads on the Empire dark web marketplace where they put up for sale 50 of the biggest databases that they found inside DataViper’s backend.
The article contains a number of screenshots of the hackers activity.
Troia responded to the story saying that the hacker had access to a test server. In turn, what is being sold and published are databases that are years old now. Additionally, Troia said that, in some instances, the databases are likely taken from the same sources that the hackers obtained them. In short, he says that the databases are taken from other sources. Troia also said that the hacker in question is connected to high profile hacking groups like GnosticPlayers, ShinyHunters, and TheDarkOverlord.
So, its still a fluid situation at this stage. Some elements in this story are still being verified. Still, it’s worth pointing out that, worst case scenario, the hacker in question has access to old data. If you’ve changed your passwords since some of these data leaks and breaches, you have less to worry about. That, of course, is with respect to the leaks and breaches that are already well known.
What is lending some credibility to the hacker, however, is the fact that some of the allegedly hacked data was exclusively reported by Data Viper. Additionally, some databases being named were never publicly reported on before. In one instance, a company that was named was contacted by KrebsOnSecurity responded by saying that they were unaware of a data breach on their end and that they are going to investigate these claims.
So, certainly one of those stories with a lot of twists and turns here.
Drew Wilson on Twitter: @icecube85 and Facebook.