UPDATED 21:28 EDT / JANUARY 20 2021


ShinyHunters publishes 1.9M stolen user credentials from photo editing site Pixlr

Infamous hacking group ShinyHunters has released 1.9 million stolen user records from free online photo editing service Pixlr as part of a release of hacked data from various sites.

Links to the data stolen from Pixlr were published on a well-known internet hacking forum Jan. 17 and included user login names, email addresses, hashed passwords, country of origin and other details.

In this case, it’s believed that ShinyHunters gained access to Pixlr’s user records through an unsecured Amazon Web Services Inc. S3 bucket, but the hacking group has used various methods in the past. In the hack, financial service provider Dave Inc. in July, ShinyHunters was able to gain access through a breach of Git analytics platform provider Waydev Inc.

Pixlr users are not alone in having its user data stolen and published by ShinyHunters this year. Researchers at cybersecurity intelligence firm Kela Research and Strategy Ltd. have also discovered stolen data linked to on the same forum from Wongnai Media Co. Ltd., Tuned Global Pty. Ltd., Buyucoin, Wappalyzer, Teespring Inc. and Bonobos.com.

“Over this past summer, ShinyHunters was seen publishing leaked data for free, exposing millions of personal records from all over the world,” Victoria Kivilevich, threat intelligence analyst at KELA, told SiliconANGLE. “We have seen collaborators of Shiny Hunters selling and leaking other dumps in the recent months, but Shiny Hunters has not been seen releasing data themselves since November.”

Discussing the publication of stolen Pixlr credentials, Nathanael Coffing, chief security officer at identification firm Cloudentity Inc., noted that with hundreds of thousands of user emails and login credentials exposed in this breach, users are at great risk of credential stuffing or phishing attacks.

“It doesn’t take much for bad actors to cross-reference the compromised data with previously breached records and create accurate profiles of the breach victims,” Coffing explained. “Hackers already have access to previously stolen data on the dark web, which allows them to easily weaponize this free information for their own malicious gain and target users’ financial or healthcare information.”

Image: Raid Forums

A message from John Furrier, co-founder of SiliconANGLE:

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Join Our Community 

Click here to join the free and open Startup Showcase event.

“TheCUBE is part of re:Invent, you know, you guys really are a part of the event and we really appreciate your coming here and I know people appreciate the content you create as well” – Andy Jassy

We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.

Click here to join the free and open Startup Showcase event.