Cyberthreat intelligence and breach database company DataViper has allegedly been hacked and its database of breached credentials offered for sale on the shady part of the internet known as the dark web.
The person behind the hack claims to have stolen more than 8,200 databases containing the information of billions of users that had been compiled from data stolen from other companies in the past.
DataViper, like several other companies in the market, gathers details of breached account credentials that allow users — in DataViper’s case, corporate customers and police services — to check whether credentials have been previously compromised. Notable among DataViper’s customers are the Dubai Police, Europol and the U.S. Federal Bureau of Investigation.
The details of how the alleged data breach took place are not entirely clear. Company founder Vinny Troia told ZDNet that a hacker did gain access to one of DataViper’s servers but the server was only a test instance. Troia claims that the databases being offered by the hacker, who he says is associated with several hacking groups including TheDarkOverlord, ShinyHunters and GnosticPlayers, are the hacker’s own, not information stolen from DataViper.
Where the story takes an interesting twist is that Troia claims that the hack was personal because he published a book earlier this year that detailed the activities of hacking groups. Further, he alleges that the leak was timed to damage his reputation before a talk on the very same hackers that he’s scheduled to give later this week at the SecurityWorld conference.
“This specific case seems to be a personal revenge incident primarily directed to damage reputation of the allegedly breached cybersecurity firm,” Ilia Kolochenko, founder and chief executive officer of web security company ImmuniWeb, told SiliconANGLE. “Given the details of the incident, a criminal investigation may have a considerable degree of success to uncover the chain of events and identify the attackers.”
Ray Kelly, principal solutions architect and alliances at application security platform provider WhiteHat Security Inc., noted that the hack exemplifies how no organization is safe from a potential data breach. “In this case, a cybersecurity firm failed to detect a malicious actor inside their network for several months,” he noted. “It also shows the importance of using several layers of security from web application security to intrusion detection systems where something like this might have been caught.”