The report, which first surfaced on The Register, claims that the hacked websites include MyFitnessPal, MyHeritage and Animoto. While data breaches on these websites were known, there were others in the list like 500px, which had earlier not reported a breach. The database includes email addresses, passwords, location and other such personal details about users.
While the data troves are listed individually on the website, they are all being sold by the same vendor called ‘gnosticplayers’. The seller reportedly joined the Dream Market on February 6 and as of now, has a five-star rating. But then, it is worth mentioning that this rating has been given to him by a single buyer. Gnosticplayers’ profile states, “Feel free to message me here on Dream Market to tell me what kind of data you’re searching (crypto, gaming, or huge data sets”, and I will list it here for sale right after. Since I have a huge reserve of fresh data, I probably have what you need. If the data does not correspond to what the breach information specifies, do an escrow dispute. However, carefully read the listing of what you’ll receive because if you purchase it you agree to receive the specified data.” Considering that a number of listings were from undisclosed data breaches, cybersecurity experts have issued a warning that states that the scale of the breach could be massive and it may lead to change in public sentiment towards security. Security experts also said that people should be vigilant and should look out for their accounts being compromised even if they don’t use the websites or services that report about data breaches any longer. Also, since a lot of people have a tendency of using the same credentials across various platforms, this means that if one of their accounts gets compromised, hackers get vital information for all. You can check if your email address has been compromised on a website called Have I Been Pwned, which keeps a track of all major data breaches.