The notorious ‘Gnosticplayers’ hacker is responsible for some of the most significant data breaches of the year, including the most recent breached victim: Zynga Inc.
The ‘Gnosticplayers’ hacker has stolen and sold millions of sensitive data on the dark web without being identified by law enforcement investigators.
Organizations have had their personal data of customers stolen and sold on dark markets without being aware of such illicit actions taking place.
List Of Data Breaches
Below is a list of significant data breaches involving ‘Gnosticplayers’ and large companies:
MyHeritage, 500px, Animoto, & MyFitnessPal
1. The unidentified hacker’s prominence began when databases comprising approximately 617 million compromised accounts were put for sale on now-defunct online darknet market Dream Market. The hack impacted 16 different companies such as MyHeritage, 500px, Animoto, and MyFitnessPal.
Houzz, PetFlow, Ixigo, Ge.tt, YouNow, & Other Companies
2. The second stage of data dump
3. The third set of compromised databases that were put on sale involved the personal information of approximately 92 million users. Such stolen records belonged to eight new organizations around the world. The most significant victim affected was the renowned GIF hosting and sharing platform, GfyCat. ‘Gnosticplayers’ was selling every database at a price worth 2.6249 BTC.
LifeBear, Estante Virtual, YouthManual, Coubic, GameSalad, & Bukalapak
4. The fourth stage of compromised accounts comprised 26.42 million user records. Such records were the property of six businesses: LifeBear, Estante Virtual, YouthManual,
iCracked, Moda Operandi, MindJolt, Evite, Wanelo, & Yanolja
5. Furthermore, the unidentified hacker has put up the fifth set of user records for sale in April 2019. In this period, ‘Gnosticplayers’ had revealed a total of 65.5 million records on the Dream Market forum. The stolen data belonged to six new organizations: iCracked, Moda Operandi, MindJolt, Evite, Wanelo, and Yanolja.
6. ‘Gnosticplayers’ hacker was also accountable for the security breach of Canva, an Australian online graphic-design tool company. The hacker reported having stolen the data of 139 million Canva users.
Eatstreet & Evite
7. American online food ordering service Eatstreet and social-planning service Evite acknowledged to data breaches that purportedly involved ‘Gnosticplayers’. ‘Gnosticplayers’ reportedly breached over one million records from both companies.
8. Zynga Inc, an American social game developer, became the most recent breached victim. ‘Gnosticplayers’ managed to acquire unauthorized access to an enormous database comprising data of more than 218 million users. According to sample data shared, the stolen user’s information comprised names, email addresses, usernames, hashed passwords (SHA1 with salt encryption), phone numbers, Facebook IDs and Zynga account IDs belonging to customers.
‘Gnosticplayers’ has managed to steal over one billion user credentials and personal information from approximately 44 organizations without being caught by law enforcement agencies. Companies need to pay attention to their IT security and train their employees accordingly to combat cybercrimes.