, , ,

Vendor claims to sell millions of Experian and Whois accounts on Dark Web

The Dark Web listings show 203 million Experian and 88 million data is being sold.

DoubleFlag, the hacker plus vendor who is known for selling high-profile data on the dark web marketplaces is back at it again, this time, with more data and double the price. In his recent listing, the vendor is claiming to have access to the complete databases of two of the world’s best-known companies Experian and WhoIs.

Experian data:

Experian plc is a major credit reference agency with operations in 40 countries. The hacker claims he has access to the Experian database which contains information of some 203,419,083 accounts and has set the price for this database at Bitcoin 0.8082 (USD 600.00).

The database as per his claim includes customer’s full name, address, apartment number, city, state, zip code, gender details, telephone numbers, date of birth, marital status, delivery point barcode, Fips state code, Fips county code, Single Family Dwelling, Apartment with unit designator, Rural Route, Community Reinvestment Act (CRA) income classification code, income details, credit rating details, mail delivery records, Assimilation code, details about customer’s ethnicity, religion, language and other personal and financial information of Experian customers.

An important point to ponder here is that according to vendor’s claim, this data has never been leaked or sold on the Internet before however in an exclusive conversation with HackRead, the hacker refused to answer or give clues regarding the date and year when the database was stolen from Experian servers.

In Oct 2015 Experian suffered a huge data breach in which 15 million T-Mobile users had their data stolen because T-Mobile used Experian to process its credit applications and perform credit checks on its customers.

Remember, DoubleFlag is the same vendor who was previously found selling data of high-profile companies including DropBox, Brazzers, Epic Games, ClixSence, uTorrent, Mail.ru, Yandex.ru and BitcoinTalk Forum.

WhoIs data:

Before going into details about WhoIs data there are few things that need to be explained and cleared. 1: We at Cyber-USA are unable to confirm if this database belongs to Whois.netwhois.comdomaintools.com or whois.icann.org since none of these platforms have replied to our inquiry email. What we can confirm is that this data does not belong to Who.is as they were kind enough to send us a detailed reply confirming that this data does not belong to them neither were they hacked.

So, the WhoIs data that is up for sale includes 88,370,175 records and the price for the data is BTC 0.3896 (USD 300.00). The below given screenshot shows what data is available:

Is the WhoIs data sensitive and legitimate?

Although DoubleFlag claims both Experian and WhoIs databases are new and never been leaked on the Internet or were never part of the leaked databases before, we would like to state that there are several other vendors selling the same WhoIs data since the exact same database is available for public download on Bestwhois. In fact, DoubleFlags’s listing description for WhoIs data matches with the publicly available WhoIs database description and also with the data description of other vendors.

Is the Experian data legit?

When it comes to Experian data there is no indication if it is fake however the description published by DoubleFlag matches with the description available on Poris Data Services, known for selling automotive mailing lists including postal addresses, vehicle information of US vehicle owners and B2B lists. The data may be real and if it is, it’s a massive privacy threat for Experian customers.

We have now received an official response from Experian in which the company has denied its servers being breached by a third party. Over the weekend Experian thoroughly investigated the claims of “DoubleFlag” and concluded that these claims are not true.

“We’ve seen this unfounded allegation and similar rumors before. We investigated it again – and see no signs that we’ve been compromised based on our research and the type of data involved. Based on our investigations and the lack of credible evidence, we consider this an unsubstantiated claim intended to inflate the value of the data that they are trying to sell – a common practice by hackers selling illegal data.”

 

One Comment

Leave a Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

code