< Back to Searchlight Blog

Have COVID-19 Health Organisations been hacked?

Published on 27 Apr 2020 by Illy

Pastebin and Twitter are actively removing files containing thousands of email addresses and passwords, allegedly belonging to various health organisations involved in the fight against COVID-19.

Pastebin and Twitter are actively removing files containing thousands of email addresses and passwords, allegedly belonging to various health organisations involved in the fight against COVID-19. The breach also contains several logins that users have claimed to have used to access private directories in relation to COVID-19 research. The title of some of these lists however, references a credentials database that has been shared amongst criminals since 2016. Suggesting that the contents of the recently shared lists may be cherry picked and outdated data from previous breaches and thus they pose little risk.
alt text The data appeared to first emerge on the forum 4chan before being uploaded to Pastebin and shared on Twitter. This began when a user [1] posted a now deleted tweet containing Pastebin and archive links to multiple data dumps. The content of these sites were quickly archived and re-uploaded on external forums such as Kiwifarms.net, leading the data to remain available despite efforts to take them down. alt text

References:

[1] https://twitter.com/17karnage.

Try our Darknet Intelligence/Forensics tool for free, contact enquiries@slcyber.io


Latest News from Searchlight

03 Jun 2020

Hacked Daniel's hosting database released.

Daniel's hosting, a widely used provider of free darknet hosting, found itself a target of an attack earlier this year, causing its closure shortly after, with its database just now being publicly released.

Read more...

26 May 2020

Update on the effects of COVID-19 on the Darknet

With the world in the grip of the COVID-19 Pandemic, many ways of life have and continue to change as countries adapt to what media are calling the “new normal”.

Read more...

20 May 2020

Europa market allegedly seized

The darknet market Europa, which offered a place of haven for users looking to buy drugs and weapons, including firearms, has become inaccessible. It is unclear as to whether the market was seized by authorities or if the seizure notice is just a ploy by the site admins in an attempt to avoid blame from its customers during an exit scam.

Read more...

19 May 2020

9 Million EasyJet customers details accessed in cyber attack.

Budget airliner EasyJet has released a statement notifying its customers that the email addresses and travel details of around 9 million user accounts were compromised in what it calls a “highly sophisticated attack", back in as early as January of this year.

Read more...