We recently ran a blog on a hacker who stole approximately 617 million user records from 16 websites. Well, quicker than you can blink, he’s posted a further 127 million more records from eight more websites.

He has 18 million user records from travel booking site Ixigo and 40 million from live-video streaming site YouNow. Add to this, 57 million records from Houzz and 1.8 million from Ge.tt had 1.8 the stolen accounts quickly stack up.

The full breakdown is as follows:
  • Houzz — 57 million accounts
  • YouNow — 40 million accounts
  • Ixigo — 18 million accounts
  • Stronghold Kingdoms — 5 million accounts
  • Roll20.net — 4 million accounts
  • Ge.tt — 1.83 million accounts
  • Petflow and Vbulletin forum — 1.5 million accounts
  • Coinmama (Cryptocurrency Exchange) — 420,000 accounts

In an act of pure cheek the hacker, who claims to be from Pakistan, sent an email to a journalist:
  • He said that many targeted companies have probably no idea that they have been compromised and that their customers' data have already been sold to multiple cybercriminal groups and individuals. 
  • He also said the second round of stolen data, listed above, was up for sale for $14,500.

The price is relatively cheap given the vast amount of user records for sale. But the information is clearly targeted at spammers and credential stuffers. This latter group make it their mission to use stolen customer records to get access to other sites in which the same usernames and passwords are used.
  • If you are a user of any of the above-listed services, you should consider changing your passwords if you have re-used the same password across different websites. 
  • Even if you’ve never heard of any of the websites you might want to consider the tough identity protection provided by BullGuard Premium Protection. It protects all manner of ID information, including passwords, email addresses and user names.
  • If any of the data you choose to protect appears on a website for sale, such as the dark web Dream Market where the above data was listed, you get an immediate alert enabling you to take protectives steps before scammers, phishers and credential stuffers get their hands on it.