Comedian Studying Platform Coughs Up Private Particulars Of 23M Customers In Information Breach

Final 12 months, a hacker who goes by the identify “pompompurin” managed to breach a Federal Bureau of Investigation (FBI) internet portal and ship out hundreds of hoax emails from an official FBI electronic mail handle. Only a couple weeks prior, pompompurin gained unauthorized entry to the interior community of the inventory buying and selling app Robinhood and stole person information. The hacker then posted this stolen information on the market on RaidForums with a minimal asking worth of 5 figures.

Quick ahead to this 12 months, and US legislation enforcement seized the domains of RaidForums and shut down the web site. Nonetheless, pompompurin shortly launched Breach Boards, a web site meant to take the place of RaidForums. Despite the fact that the location hasn’t been operating for lengthy, Breach Boards has already been dwelling to info stolen in one of many largest information breaches ever. Whereas pompompurin could have his fingers full operating Breach Boards, he hasn’t retired from hacking.

Have I Been Pwned (HIBP), a web site that helps folks decide whether or not their electronic mail addresses or telephone numbers have been caught up in information breaches, lately up to date its database with info from an information breach that happened in Might of this 12 months. This breach compromised the information of over 23 million Mangatoon customers. Mangatoon is a platform for studying comics, and the corporate has remained silent concerning the breach, even after HIBP made the breach publicly recognized. The breach uncovered the next person info:

• Names
• Electronic mail addresses
• Genders
• Social media identities
• Authentication tokens from social logins
• Salted MD5 hashes of passwords

Whereas Mangatoon hasn’t acknowledged the breach, pompompurin has come ahead to say accountability for the incident. The hacker shared samples of the information, in addition to a screenshot of the folder containing all of the stolen databases, with BleepingComputer. The publication was in a position to verify that the information contained within the samples corresponds to legitimate Mangatoon accounts. Pompompurin additionally knowledgeable BleepingComputer that he’ll probably leak the stolen information sooner or later.