The ShinyHunters extortion gang breached Vimeo in April by exploiting compromised Anodot authentication tokens, stealing personal data belonging to 119,200 people including email addresses and names. Vimeo disclosed the incident on April 27, noting that video content, login credentials, and payment information were not accessed. After Vimeo refused to pay a ransom, ShinyHunters leaked a 106GB archive on their dark web site. Have I Been Pwned analyzed the stolen data and confirmed the scope of exposure. ShinyHunters has also claimed breaches at the European Commission, Rockstar Games, McGraw Hill, Medtronic, and others in recent weeks, typically targeting companies via SaaS integrator credentials.
Table of contents
Related Articles:Sort: