Hacker ‘HikkI-Chan’ leaks private knowledge of over 390 million VK customers on Breach Boards, together with metropolis, nation, full names, and profile picture URLs. Hackread.com investigates this huge privateness breach.
A hacker utilizing the alias “HikkI-Chan” has leaked the private particulars of over 390 million VK customers (particularly, 390,425,719) on the infamous cybercrime and hacker platform Breach Boards.
The hacker claims that the breach occurred in September 2024 and that the info is updated. On your info, VK, or VK.com, is a well-liked social networking service based mostly in Russia. The positioning capabilities equally to Fb and is without doubt one of the largest social media platforms in Russia and different Jap European international locations.
VK.com was based by Pavel Durov in 2006. Durov, a Russian entrepreneur, later co-founded the messaging service Telegram and was arrested in France final week over accusations associated to Telegram moderation.
The Breach!
The Hackread.com analysis group can affirm that the info is big, amounting to over 27 GB in dimension. An in-depth evaluation of the database reveals that the leaked info doesn’t include telephone numbers or passwords. Nonetheless, it does embrace the next particulars:
- Metropolis
- Nation
- Full names
- URL hyperlinks to consumer profile photos
- Electronic mail addresses (complete quantity unknown)
Whereas the leaked info is sort of important, it’s within the Russian language, which may make it troublesome for different menace actors to make the most of. The URL hyperlinks to VK consumer profile photos belong to userapi.com, a site related to the VK software.
A Second-Order Knowledge Breach
In an unique dialog with Hackread.com, the hacker confirmed that VK was circuitously breached, nor have been their servers accessed. The hacker additionally dismissed rumours that the knowledge was scraped.
In response to the hacker, the incident was a “second-order” breach, which refers to a state of affairs the place knowledge compromised in a single breach is used to facilitate one other, usually bigger breach.
“The data in question is from a second-order breach. It wasn’t sourced directly from VK but rather obtained through a third-party breach that exposed VK data,” the hacker instructed Hackread.com.
Nonetheless, this isn’t the primary time VK has suffered a knowledge breach. In June 2016, Hackread.com reported on a hacker who was promoting 100 million VK accounts for 0.1 BTC (583.42 US {Dollars} at the moment) on the darkish internet.
HikkI-Chan – A Excessive Profile Hacker Already?
Though a comparatively new consumer on Breach Boards, their exercise could be traced again to March 15, 2024, once they claimed their first hack, which was associated to the U.S. Division of Protection (US DoD).
The identical hacker has claimed duty for concentrating on the Israeli police and the Israeli public transportation firm Kavim. Earlier than the VK knowledge leak, the hacker was promoting Turkish citizenship knowledge, which included private and PII info of over 80 million Turks, the entire inhabitants of Turkey.
Two different notable alleged hacks by the hacker embrace the Florida Workplace of Monetary Regulation, the place 8,639,326 data have been leaked final week, and a extremely delicate but alleged knowledge leak involving FBI recordsdata, which they dubbed “Operation Priser.”
Though there is no such thing as a info on-line about Operation Priser, the hacker describes it as “an operation that involved deep infiltration into government networks, leading to the extraction of highly sensitive information.”
Moreover, whereas sharing restricted details about the operation, the hacker claims that the leaked recordsdata embrace “Terrorism Fighting Data, White House Mailing List, FBI Top Employees (Name, Role, Location), Federal Jobs Listing, FBI Employees’ Images, and much more.”
Nonetheless, the VK knowledge leak poses a privateness menace to unsuspecting customers throughout Russia and Jap Europe, as cybercriminals can use profile photos and names to create pretend profiles. In the meantime, state-backed hackers are all the time in search of such knowledge for malicious functions.
Hackread.com has reached out to VK for remark. This text will likely be up to date if and after we obtain a response.
RELATED TOPICS
- Hackers Leak 1.4 Billion Tencent Person Accounts On-line
- 3 Billion Nationwide Public Knowledge Information with SSNs Dumped On-line
- FBI’s Safety Platform InfraGard Hacked; 87k Members’ Knowledge Offered
- Knowledge Leak Exposes 1.5B Actual Property Information, Together with Kylie Jenner
- 57,000 Kaspersky Fan Membership Discussion board Person Knowledge Leaked in Internet hosting Breach