- Profiles Put On Sale On Dark Web: Report
- Currently 15 billion stolen logins from 100,000 breaches out on Dark Web:Audit
235 Million ByteDance’s TikTok, Facebook’s Instagram And Google’s YouTube User Profiles Exposed In Massive Data Leak
San Francisco : The Forbes reports, The data was spread across several datasets. Forbes says, while quoting the security researchers, the most significant Datasets were the two coming in at just under 100 million ID profiles. It contained the User profile records apparently stolen from Instagram.
The third-largest is a dataset of some 42 million TikTok users. It is known that the short video messaging app TikTok is owned & controlled by China’s ByteDance.
The next is followed by nearly 4 million Google’s YouTube user profiles, put to sell on Dark web. The rest of the data belongs to the Facebook’s Instagram user.
User data are spread in multiple Datasets. The Datasets includes telephone number, email address, profile name, full real name, profile photo, account details, number of followers and likes etc.
“The information will probably be the most valuable to spammers and cybercriminals running phishing campaigns,” said Paul Bischoff, Editor at Comparitech.
The “unsecured database” problem
Unsecured databases are rapidly becoming such a huge data protection problem that it’s thought a vigilante security researcher is behind the spate of “Meow” attacks. These attacks have overwritten the indexes of thousands of such databases, making it unsecured for any User. On August 1, the Comparitech researchers discovers, “unsecured database” are leaving the personal profile data of nearly 235 million Instagram, TikTok and YouTube users up for grabs. The Comparitech Researchers was led by Bob Diachenko.
In June 2018, Facebook spokesperson was quoted saying , ‘Stealing people’s information from Instagram is a clear violation of our policies. We blocked Deep Social’s access to our platform in June 2018 and sent them a legal notice.” Moreover, Deep Social were banned by both Facebook and Instagram in 2018 after rushing users’ profile data.
Earlier this month, a hacker group known as ShinyHunters broke into 18 companies. They scrapped the data of 386 million user records. According to Bleeping Computer, ShinyHunters began uploading the databases to a forum where anyone can download them for free.
Also Read : Bluetooth Attacks – How to Secure Mobile Devices against Bluetooth BIAS attacks