Cyberattack on ChatBooks, Data Sold on Dark Web

ChatBooks - an online photo printing service - disclosed to its users that user credentials were stolen from their systems in a cyber attack. The data of 15 million users are now being sold on the dark web.

What happened

ChatBooks data breach is just another in a series of breaches by a hacker group, Shiny Hunters. This group is selling millions of user records from 11 companies. The records were held for over a month and now they are being sold on the dark web for USD 3,500 for 15 million records. A sample was provided that consisted of PII, social media access tokens, email addresses, and hashed passwords.

The situation

  • The company got to know about the breach on May 5, 2020, two days after the group started advertising the user records on the dark web market.
  • The breach actually took place on March 26, 2020.
  • Although ChatBooks is not the first or only company to be attacked by Shiny Hunters, they are the first to acknowledge the hack.

What the experts are saying

  • The CEO of ChatBooks stated that a small section of the stolen records includes inactive social media access, merchant tokens, phone numbers, and Facebook IDs.
  • The company informed its customers that no credit card information was stolen since it is not stored in the database.
  • The company alerted its users that they are working with a digital security and forensics organization to evaluate the extent of the breach.

More about the breach

  • There is no evidence that photos or any other information were stolen.
  • Hackers can convert the passwords into hashes, add salt, and compare the results with what the stolen database provides. A match means that a password has been cracked.
  • The information is not offered exclusively by the hackers and the details released have attracted a healthy amount of buyers.

In essence

It has been suggested by the company that users should change their passwords as soon as they can to avoid their accounts being compromised.