Merry 'Leaksmas'! Hackers Give Away 50 Million Pieces of PII
Holiday Leaks Could Result in More Digital Identity Theft and Fraud, Report Warns
Hackers celebrated the year-end holidays with a malicious "Free Leaksmas" posting on the dark web, releasing 50 million stolen consumer records, including credit card information.
The data dump released on underground forums showcased stolen data from companies and governments across multiple countries. Resecurity researchers tracked the leak, branding it as a cybercriminal display of "mutual gratitude" as the year drew to a close.
The researchers said the data can be used to target victims via account takeovers, business email compromises, identity theft and financial fraud.
The impact extends beyond the United States, affecting individuals worldwide in countries including France, Peru, Vietnam, Italy, Russia, Mexico, the Philippines, Switzerland, Australia, India and South Africa.
During the "Leaksmas" event, a substantial dataset was leaked from Movistar, a prominent telecommunications provider in Peru. Researchers found over 22 million records, including customers' phone numbers and Documento Nacional de Identidad numbers.
DNI is the sole identity card recognized by the Peruvian government.
"This incident underscores the critical need for robust digital identity protection programs, particularly in Latin America, where there is an escalating trend of cyberattacks resulting in major data breaches and significant damages," the researchers said.
Hackers from the group SiegedSec took the spotlight during the holiday season, gaining notoriety for releasing data from the Idaho National Labs.
The group claimed successful hacks into unspecified government resources, following its celebration of a victorious attack on Shufersal, Israel's largest supermarket chain, which it called a "Christmas Gift" in support of Palestine.
Hackers also targeted Bezeq and Cellcom, two major Israeli telecom companies. The link between SiegedSec and the hacks remains unverified, the researchers said.
SiegedSec also hinted at further unexpected actions in the upcoming year, including the exfiltration of citizen data.
Here are some prominent leaks cited by Resecurity:
- A government agency in Chile experienced a security breach on Christmas Day.
- In the Asia-Pacific region, cybercriminals disclosed over 15.77 gigabytes of data from a major credit services provider in the Philippines.
- A breach involving a French company caused approximately 1.5 million records to be freely shared on the dark web.
- Cybercriminals "gifted" a leak associated with a project later acquired by Klarna, a Swedish fintech company. The breach, involving 1.4 million records, had been rumored since 2022, but the complete data dump became available during the giveaway.
- In the Asia-Pacific region, a Vietnam-based fashion store suffered a significant leak on the dark web, exposing over 2.5 million victim records that have appeal for spammers and illegal affiliate marketing specialists.
- A leak from an online military gear shop in Italy attracted foreign cyber actors due to the nature of its audience: individuals interested in military gear.
- A breach on Christmas Day involving a Russian sushi restaurant network leaked over 164,052 records and attracted attention for not having been previously seen on the dark web.
- A significant leak from Mexico involved over 2 million records of banking customers, likely obtained from a breached financial institution or related service provider. Despite dating back to 2021, the information remains relevant in 2024.
In addition to individual leaks, perpetrators released larger compilations, including extensive combination lists with millions of records containing emails and passwords that targeted India.