Published on 27 Apr 2020 by Illy
Pastebin and Twitter are actively removing files containing thousands of email addresses and passwords, allegedly belonging to various health organisations involved in the fight against COVID-19. The breach also contains several logins that users have claimed to have used to access private directories in relation to COVID-19 research. The title of some of these lists however, references a credentials database that has been shared amongst criminals since 2016. Suggesting that the contents of the recently shared lists may be cherry picked and outdated data from previous breaches and thus they pose little risk.
The data appeared to first emerge on the forum 4chan before being uploaded to Pastebin and shared on Twitter. This began when a user  posted a now deleted tweet containing Pastebin and archive links to multiple data dumps. The content of these sites were quickly archived and re-uploaded on external forums such as Kiwifarms.net, leading the data to remain available despite efforts to take them down.
Try our Darknet Intelligence/Forensics tool for free, contact firstname.lastname@example.org
20 May 2020
The darknet market Europa, which offered a place of haven for users looking to buy drugs and weapons, including firearms, has become inaccessible. It is unclear as to whether the market was seized by authorities or if the seizure notice is just a ploy by the site admins in an attempt to avoid blame from its customers during an exit scam.
19 May 2020
Budget airliner EasyJet has released a statement notifying its customers that the email addresses and travel details of around 9 million user accounts were compromised in what it calls a “highly sophisticated attack", back in as early as January of this year.
18 May 2020
One of the worlds largest entertainment lawyers who allegedly also worked for President Trump has been the victim of ransomware, with hackers threatening to sell off the acquired data to the highest bidder on the darknet.
13 May 2020
Unacademy, a service that claims to be “India’s largest learning platform” has reportedly had a data breach, with 28 million user accounts for sale on a darknet market.