Cyber Incident Victim: Sonicbids
Date:
Nov 2020
Location:
United States of America
Summary
Threat actor ShinyHunters was involved in a cyber incident where databases from various companies were dumped online. The incident started with a dispute over an exclusive data sale between ShinyHunters and a data broker called ExpertData. The buyer was allegedly scammed out of tens of thousands of dollars, leading to a banned forum member giving away databases for free on a Russian-language forum. Several companies' data was compromised, including Animal Jam, eatigo, and Pluto.tv.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
The cyber incident involving ShinyHunters and the dumping of databases from various companies online was a complex and multifaceted event. At the center of the incident was a dispute over an exclusive data sale between ShinyHunters and a data broker calling himself ExpertData. The buyer, who was allegedly scammed out of tens of thousands of dollars, claimed that ShinyHunters and ExpertData had reneged on their agreement to provide exclusive access to the data.
The incident began to unfold when the buyer took to a popular forum to express his dissatisfaction with the deal. However, instead of receiving support or assistance, the buyer was banned from the forum. This unexpected turn of events led the buyer to take matters into his own hands, and he began to give away the databases for free on a Russian-language forum.
The databases that were dumped online included sensitive information from several companies, including Animal Jam, eatigo, and Pluto.tv. The exact nature and scope of the data breach are unclear, but it is evident that the incident had significant consequences for the affected companies. The dumping of the databases online not only compromised the sensitive information of the companies but also potentially put their customers' data at risk.
The incident highlights the complex and often murky world of cybercrime, where threat actors and data brokers operate in the shadows, often with little regard for the law or the consequences of their actions. The fact that the buyer was scammed out of tens of thousands of dollars and then banned from the forum suggests that the cybercrime community is often more interested in protecting its own interests than in upholding any sense of justice or fairness.
The role of ShinyHunters in the incident is particularly noteworthy, as the threat actor has been linked to several high-profile data breaches in the past. ShinyHunters' involvement in the incident suggests that the group is not only capable of carrying out sophisticated cyber attacks but also willing to engage in complex and potentially lucrative data sales.
The incident also raises questions about the nature of the relationship between ShinyHunters and ExpertData. Were they partners in the data sale, or did ExpertData simply act as a middleman? The fact that ExpertData was allegedly involved in the scam suggests that the group may have had a significant role in the incident, but the exact nature of their involvement is unclear.
The consequences of the incident are far-reaching and potentially devastating for the affected companies. The dumping of the databases online not only compromises the sensitive information of the companies but also potentially puts their customers' data at risk. The incident highlights the need for companies to prioritize cybersecurity and to take steps to protect themselves against the ever-evolving threat landscape.
The incident also raises questions about the effectiveness of law enforcement agencies in combating cybercrime. The fact that ShinyHunters and ExpertData were able to operate with apparent impunity, scamming the buyer out of tens of thousands of dollars and then dumping the databases online, suggests that law enforcement agencies may be struggling to keep pace with the rapidly evolving world of cybercrime.
In the aftermath of the incident, several companies have come forward to confirm that their data was compromised. Animal Jam, for example, issued a statement acknowledging that its database had been dumped online and assuring customers that it was taking steps to protect their sensitive information. Other companies, including eatigo and Pluto.tv, have also issued statements confirming that their data was compromised.
The incident serves as a stark reminder of the risks and consequences of cybercrime. The fact that sensitive information from several companies was compromised and dumped online highlights the need for companies to prioritize cybersecurity and to take steps to protect themselves against the ever-evolving threat landscape. As the incident continues to unfold, it is clear that the consequences will be far-reaching and potentially devastating for the affected companies.