Hacker Leaks Data of 390 Million Users from VK, a Russian Social Network

hackread.com · WAQAS · 1 year ago · news
quality 7/10 · good
0 net
Tags
data-leak social-network vk
Hacker Leaks Data of 390 Million Users from VK, a Russian Social Network Hacking News Leaks WikiLeaks Anonymous Technology Android Apple Google Microsoft Samsung 3D How To Artificial Intelligence Machine Learning Cyber Crime Phishing Scam Scams and Fraud Security Malware Censorship Cyber Attacks Crypto Blockchain Surveillance Drones NSA Privacy Gaming Submit Press Release Hacking News Data Breaches Security Hacker Leaks Data of 390 Million Users from VK, a Russian Social Network by Waqas September 3, 2024 3 minute read Hacker ‘HikkI-Chan’ leaks personal data of over 390 million VK users on Breach Forums, including city, country, full names, and profile image URLs. Hackread.com investigates this massive privacy breach. A hacker using the alias “HikkI-Chan” has leaked the personal details of over 390 million VK users (specifically, 390,425,719) on the notorious cybercrime and hacker platform Breach Forums. The hacker claims that the breach occurred in September 2024 and that the data is up to date. For your information, VK, or VK.com, is a popular social networking service based in Russia. The site functions similarly to Facebook and is one of the largest social media platforms in Russia and other Eastern European countries. VK.com was founded by Pavel Durov in 2006. Durov, a Russian entrepreneur, later co-founded the messaging service Telegram and was arrested in France last week over accusations related to Telegram moderation. VK data leak on Breach Forums (Screenshot: Hackread.com) The Breach! The Hackread.com research team can confirm that the data is huge, amounting to over 27 GB in size. An in-depth analysis of the database reveals that the leaked information does not contain phone numbers or passwords. However, it does include the following details: City Country Full names URL links to user profile images Email addresses (total number unknown) While the leaked information is quite significant, it is in the Russian language, which could make it difficult for other threat actors to utilize. The URL links to VK user profile images belong to userapi.com , a domain associated with the VK application. A Second-Order Data Breach In an exclusive conversation with Hackread.com, the hacker confirmed that VK was not directly breached, nor were their servers accessed. The hacker also dismissed rumours that the data was scraped . According to the hacker, the incident was a “second-order” breach, which refers to a scenario where data compromised in one breach is used to facilitate another, often larger breach. “ The data in question is from a second-order breach. It wasn’t sourced directly from VK but rather obtained through a third-party breach that exposed VK data,” the hacker told Hackread.com. Inside the VK data leak (Screenshot: Hackread.com) However, this is not the first time VK has suffered a data breach. In June 2016 , Hackread.com reported on a hacker who was selling 100 million VK accounts for 0.1 BTC (583.42 US Dollars at that time) on the dark web. HikkI-Chan Although a relatively new user on Breach Forums, their activity can be traced back to March 15, 2024, when they claimed their first hack, which was related to the U.S. Department of Defense (US DoD). The same hacker has claimed responsibility for targeting the Israeli police and the Israeli public transportation company Kavim. Before the VK data leak, the hacker was selling Turkish citizenship data, which included personal and PII information of over 80 million Turks, the total population of Turkey. Two other notable alleged hacks by the hacker include the Florida Office of Financial Regulation, where 8,639,326 records were leaked last week, and a highly sensitive yet alleged data leak involving FBI files, which they dubbed “Operation Priser.” Although there is no information online about Operation Priser, the hacker describes it as “an operation that involved deep infiltration into government networks, leading to the extraction of highly sensitive information.” Additionally, while sharing limited information about the operation, the hacker claims that the leaked files include “Terrorism Fighting Data, White House Mailing List, FBI Top Employees (Name, Role, Location), Federal Jobs Listing, FBI Employees’ Images, and much more.” HikkI-Chan on Breach Forums (Screenshot: Hackread.com) Hackread.com has reached out to VK for comment. UPDATE – 18:21 Tuesday, 3 September 2024 (GMT) VK has responded to Hackread.com and, after investigating the matter, the company maintains that there was no data breach at VK. They state that the data in question was collected from publicly available sources. “We can confirm that there have been no security breaches of any kind, including those involving personal information. VK user data is securely protected, and the content in question was collected solely from publicly available sources. This information does not contain any confidential data but consists of details that our users have voluntarily shared on their profiles.” VK Spokesperson Nevertheless, the data leak still poses a privacy threat to unsuspecting users across Russia and Eastern Europe, as cybercriminals can use profile images and names to create fake profiles. Meanwhile, state-backed hackers are always seeking such data for malicious purposes. RELATED TOPICS Hackers Leak 1.4 Billion Tencent User Accounts Online 3 Billion National Public Data Records with SSNs Dumped Online FBI’s Security Platform InfraGard Hacked; 87k Members’ Data Sold Data Leak Exposes 1.5B Real Estate Records, Including Kylie Jenner 57,000 Kaspersky Fan Club Forum User Data Leaked in Hosting Breach Cyber Attack Cybersecurity data breach Pavel Durov Russia Social Media VK Subscription Form Email Address* FIRSTNAME LASTNAME Latest Posts Operation Masquerade: FBI Disrupts Russian Router Hacking Campaign Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure Russian Forest Blizzard Hackers Hijack Home Routers for Global Spying New ClickFix Attack Uses Node.js Malware via Tor to Steal Crypto Hackers Pose as Non-Profit Developers to Deploy Monero Mining Malware PRESS RELEASE Press Release AI Future: The Leading International AI and Web3 Forum to Take Place in April by CyberNewswire Press Release Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM & AppSec by CyberNewswire Press Release 2026 Cybersecurity Excellence Awards Winners Announced during RSA Conference as AI Security Dominates by CyberNewswire Press Release Gcore Radar report reveals 150% surge in DDoS attacks year-on-year by CyberNewswire Press Release SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft by CyberNewswire Related Posts Security Toyota’s PASTA- A car hacking tool to enhance automobile cybersecurity A team of security researchers working for the renowned automobile maker Toyota have developed a new car hacking… by Waqas Hacking News Pro-Palestinian Group Hacks Piatt County’s Sheriff Office Website Summary: In a successful cyber attack the online pro-Palestinian hackivist AnonGhost hacked the official website of Piatt County,… by Waqas Phishing Scam Scams and Fraud Security BBB CEO Falls for Dropbox Phishing Scam, Sends Out Malware Emails In May 2015, we reported an alert to be careful of a Dropbox phishing scam, but it seems not… by Pushpa Mishra Security Vulnerability in Web Codes causes Data Dumping onto Personal Computers Caution: Weakness of Web Codes causes Data Dumping onto Personal Computers A web developer has revealed that by… by Waqas
← Back to stories