Research Team Analysis

WEEKLY REVIEW FROM THE BREACHAWARE RESEARCH TEAM
Share this analysis

10,182,392 leaked accounts discovered by the BreachAware® Research Team last week.

14 November 2022

A total of 16 breaches were found and analysed resulting in 10,182,392 leaked accounts containing a total of 17 different data types. The breaches found publicly and freely available included Aptoide (3), Pay System Tech, Azazie, Full Tilt and Yappy Media. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

A company that offers solutions to optimise non cash payments for carriers across Asia, the Americas and eastern Europe has been breached. It happened back in May and a whopping 16 million users were affected with partial credit card information and payment histories leaked.

Another company whose data was breached back in mid-2019 has seen its data come back into circulation this week on various platforms where data is exchanged or traded in the underground community. With over 700k users in the breached data, there’s lots of plenty of useful data for threat actors including mobile phone numbers, email addresses, and physical addresses.

And finally, one that's been covered heavily by the media. Medibank was hit by a ransomware gang that threatened to drop more data if the demand of $10million wasn’t met. So far, they have dropped a reasonable amount of sample data, which includes over 2 million email addresses along with various datasets including names, physical addresses, dates of birth and Medicare numbers. We've also noticed, the ransomware site has gone offline, perhaps being DDOS by a friend of medibank?

DATA CATEGORIES DISCOVERED

Contact Data, Technical Data, Socia-Demographic Data, Financial Data, Locational Data.

  • Key Statistics
  • Breaches Discovered
    16
  • ACCOUNTS DISCOVERED
    10,182,392
  • DATA TYPES DISCOVERED
    17