InfoSecBulletin Cybersecurity for mankind
A criminal hacking group claims to have stolen the World-Check database with millions of records. The database is used by companies to check if potential customers have connections to financial crime or sanctions.
The group called GhostR stole 5.3 million records from the World-Check database in March and are threatening to release the data online.
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
CISA, FBI Warns
Hacker compromised multiple teleco network at US
World-Check is a database that companies use to check if potential customers are high-risk or potential criminals. It helps companies identify people with connections to money laundering or who are under government sanctions. The hackers claimed to have stolen the data from a Singapore-based company that has access to the World-Check database, but they did not reveal the name of the company.
A portion of the stolen data, which the hackers shared with TechCrunch, includes individuals who were sanctioned as recently as this year.
Simon Henrick, a spokesperson for the London Stock Exchange Group, clarified that the incident was not a security breach of their systems. Instead, it involved a third party’s data set, including a copy of the World-Check data file. This data file was illegally obtained from the third party’s system. The London Stock Exchange Group is working with the affected third party to protect their data and notify the appropriate authorities.
LSEG did not name the third-party company, but did not dispute the amount of data stolen.
TechCrunch saw stolen data with records on thousands of people, including government officials, diplomats, and leaders of private companies considered high risk for corruption or bribery. The list also includes people involved in crime, terrorism, intelligence, and a spyware vendor from Europe.
The data in the database is different for each record. It includes names, passport numbers, Social Security numbers, online crypto account identifiers, bank account numbers, and more.
World-Check is now owned by the London Stock Exchange Group after buying Refinitiv in a $27 billion deal in 2021. LSEG gathers information from public sources like sanctions lists, government sources, and news outlets, and offers the database to companies as a subscription for doing customer due diligence.
Private databases, such as World-Check, sometimes have errors that can unfairly implicate innocent people not involved in any criminal activity. These individuals have their information stored in these databases.
In 2016, the World-Check database was leaked online due to a security issue at a third-party company. This leak included information about a former advisor to the U.K. government who had been labeled as “terrorism” by World-Check. HSBC, a major bank, closed the bank accounts of some well-known British Muslims who were also labeled as “terrorism” in the World-Check database.
A spokesperson for the U.K.’s data protection authority, the Information Commissioner’s Office, did not immediately comment on the breach.
Source: Techcrunch, bankinfosecurity
