Hackers can often be seen even targeting cybersecurity firms to gain maximum profit while exfiltrating databases. In a bizarre incident, a hacker announced the theft of thousands of databases from Night Lion Security’s backend servers.
8,200+ databases leaked and put for sale
A hacker going by the name NightLion stole more than 8,200 databases from the cybersecurity firm’s DataViper, a data leak monitoring service.
- The hacker emailed cybersecurity reporters a link to a dark web portal that contained details of the intrusion into Night Lion Security’s servers. The hacker provided proof of the access as well as a list of 482 downloadable JSON files taken from the breached DataViper servers.
- The attacker spent up to three months inside DataViper servers. The hacker also posted advertisements for sale of the largest 50 database on the Empire Dark Web marketplace. The databases came from some old breaches and some newer incidents.
- Some experts believe that the hacker could be associated with several prolific hacking groups such as TheDarkOverlord, ShinyHunters, and GnosticPlayers.
The risks of data enrichment
In recent months, there have been several incidents when hackers were able to breach records of billions of individuals.
- In June 2020, Oracle’s BlueKai exposed billions of names, home addresses, email addresses, and other identifiable data in a database.
- In May 2020, Thailand’s largest cell network Advanced Info Service (AIS) exposed an ElasticSearch database containing 8 billion Thai internet records.
- Massive data breaches like these have created a situation where any hacker may attempt to enrich the data from recent breaches to find out complete personal and financial details of any single individual.
- Organizations should ensure they are storing only the data they need and have effective controls in place, like data encryption and network segmentation, to prevent such massive data compromise incidents.