How this mobile banking app got hacked to steal data of 7.5 million users?

Database security monitoring specialists report that financial & technology firm Dave suffered a data breach that resulted in the exposure of a database that stored more than 7 million records. The compromised information was for sale on a hacking forum, although it was eventually released for free on other dark web platforms.

Those responsible for the incident published the database, which contained a total of 7, 516, 691 records. In this regard, Dave acknowledged the data breach a few hours later, mentioning that it all stems from an incident at a third-party company: “An intrusion into Waydev, one of our third-party service providers, allowed unauthorized access to certain user data on Dave, including user hash passwords.”

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es davedatabase01.jpg
SOURCE: BleepingComputer

It is not yet known how this third-party company was attacked, database security monitoring experts mentioned. This database contains names, phone numbers, email addresses, dates of birth, social security numbers, and Bcrypt hash passwords.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es davedatabase02.jpg
SOURCE: BleepingComputer

As a security measure, Dave forced a password reset on all his user accounts; the company also recommended its users to change passwords from other online platforms to prevent credential stuffing attacks.

A few weeks ago, database security monitoring experts at the Firm Cyble revealed that a threat actor had launched a database belonging to Dave; although the financial company responded quickly, it appears that the reports were dismissed. The person responsible for this attack was also auctioning databases for Swvl.com and Dunzo.com; Dunzo acknowledged that he suffered a data breach a few days ago.

Shortly after the incident, the database was sold to an anonymous user (an operation close to $16k USD); finally, last July 24, the hacker known as ShinyHunter released the database for free on multiple hacking forums on dark web.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es davedatabase03.jpg
SOURCE: BleepingComputer

Researchers ignore the reasons why ShinyHunter leaked this database; however, now that the information was exposed, other threat actors could deploy dangerous hacking campaigns, so affected users should consider security recommendations.  

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.