3.8 Billion Users' Combined Clubhouse, Facebook Data Up for Sale

Combined cache of data likely to fuel rash of account takeover, smishing attacks, experts warn.

On its own, the database of 3.8 billion phone numbers leaked from social-media platform Clubhouse didn't have much value on the underground market. In fact, the numbers were eventually dumped in a hacker forum for free.

But an enterprising threat actor has reportedly combined those phone numbers with 533 million Facebook profiles leaked last April and is selling that enhanced trove of personally identifiable information (PII) to the highest bidder on the underground market.

According to CyberNews, the combined Clubhouse-Facebook database includes names, phone numbers and other data, and is listed on an underground forum for $100,000 for all 3.8 billion entries, with smaller chunks of data available for less. Reportedly, the seller is still looking for buyers.

Data Likely to Fuel ATO Attacks

These credentials could quickly be leveraged for basic account takeover (ATO) attacks, according to Brian Uffelman, a security analyst at PerimeterX.

"These stolen credentials are then used for credential-stuffing and ATO attacks, which can steal value, whether that is in the form of gift cards, credit-card numbers, loyalty points or making false purchases," Uffelman told Threatpost. "ATO attacks are a major threat to any business and all of this just creates more fuel to feed the ATO attack fire."

He added that it's much easier for cybercriminals to use stolen credentials than to do the work of trying to find holes in an organization's cybersecurity defenses. In fact, Uffelman pointed out that PerimeterX research showed that, of all login attempts measured in the second half of 2020, up to 85 percent were ATO attempts.

"Organizations need to be aware of signs that they've been attacked," Uffelman warned. "These can include surges in help-desk calls, spikes in password resets and inhuman user…
Becky Bracken