InfoSecBulletin Cybersecurity for mankind
A criminal hacking group claims to have stolen the World-Check database with millions of records. The database is used by companies to check if potential customers have connections to financial crime or sanctions.
The group called GhostR stole 5.3 million records from the World-Check database in March and are threatening to release the data online.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
World-Check is a database that companies use to check if potential customers are high-risk or potential criminals. It helps companies identify people with connections to money laundering or who are under government sanctions. The hackers claimed to have stolen the data from a Singapore-based company that has access to the World-Check database, but they did not reveal the name of the company.
A portion of the stolen data, which the hackers shared with TechCrunch, includes individuals who were sanctioned as recently as this year.
Simon Henrick, a spokesperson for the London Stock Exchange Group, clarified that the incident was not a security breach of their systems. Instead, it involved a third party’s data set, including a copy of the World-Check data file. This data file was illegally obtained from the third party’s system. The London Stock Exchange Group is working with the affected third party to protect their data and notify the appropriate authorities.
LSEG did not name the third-party company, but did not dispute the amount of data stolen.
TechCrunch saw stolen data with records on thousands of people, including government officials, diplomats, and leaders of private companies considered high risk for corruption or bribery. The list also includes people involved in crime, terrorism, intelligence, and a spyware vendor from Europe.
The data in the database is different for each record. It includes names, passport numbers, Social Security numbers, online crypto account identifiers, bank account numbers, and more.
World-Check is now owned by the London Stock Exchange Group after buying Refinitiv in a $27 billion deal in 2021. LSEG gathers information from public sources like sanctions lists, government sources, and news outlets, and offers the database to companies as a subscription for doing customer due diligence.
Private databases, such as World-Check, sometimes have errors that can unfairly implicate innocent people not involved in any criminal activity. These individuals have their information stored in these databases.
In 2016, the World-Check database was leaked online due to a security issue at a third-party company. This leak included information about a former advisor to the U.K. government who had been labeled as “terrorism” by World-Check. HSBC, a major bank, closed the bank accounts of some well-known British Muslims who were also labeled as “terrorism” in the World-Check database.
A spokesperson for the U.K.’s data protection authority, the Information Commissioner’s Office, did not immediately comment on the breach.
Source: Techcrunch, bankinfosecurity
