Hacker claims to have stolen more than 8,200 databases from the US cyber security firm Night Lion Security’s data leak detection service. The databases contain billions of records stolen and leaked from other companies during past security breaches.
The databases are collected inside DataViper, a data leak monitoring service managed by the security researcher Vinny Troia.
The hacker used the name “NightLion,” which is the name of the hacked company.
Night Lion Security scans the dark web, hacking forums, paste sites, and other cybercrime marketplaces for information which are stolen from other companies.
Data breach monitoring services is a common type of service offered by cyber-security firms in which the customers can determine if the data of its employees have been involved in a security incident.
The hacker shared evidence of the breach with cyber-security journalists and experts by emailing them a link to a dark web portal where the information about the hack has been published.
The hacker shared the link to an onion service containing the details of the hack of the DataViper’s backend infrastructure he claims to have spent three months to exfiltrate the huge trove of data.
The full list of 8,225 databases has been posted by the hacker, along with 482 downloadable JSON sample files containing data allegedly stolen from the DataViper service. An additional proof of the intrusion to DataViper’s backend was also published.
The hacker was also selling data about DataViper’s users in the Empire dark web marketplace.
According to Vinny Troia, the hacker gained access to one of the DataViper servers used for testing purposes. He added that the hacker is selling their own databases, rather than any information they stole from the company server.
The data leak was collected by past data breaches associated with several threat actors, including GnosticPlayers, TheDarkOverlord, and Shiny Hunters.