A financially motivated felony hacking group says it has stolen a confidential database containing hundreds of thousands of information that corporations use for screening potential clients for hyperlinks to sanctions and monetary crime.
The hackers, which name themselves GhostR, stated they stole 5.3 million information from the World-Examine screening database in March and are threatening to publish the information on-line.
World-Examine is a screening database used for “know your customer” checks (or KYC), permitting corporations to find out if potential clients are excessive danger or potential criminals, corresponding to folks with hyperlinks to cash laundering or who’re below authorities sanctions.The hackers instructed TechCrunch that they stole the information from a Singapore-based agency with entry to the World-Examine database, however didn’t identify the agency.
A portion of the stolen information, which the hackers shared with TechCrunch, consists of people who have been sanctioned as just lately as this 12 months.
Simon Henrick, a spokesperson for the London Inventory Change Group, which maintains the database, instructed TechCrunch: “This was not a security breach of LSEG/our systems. The incident involves a third party’s data set, which includes a copy of the World-Check data file. This was illegally obtained from the third party’s system. We are liaising with the affected third party, to ensure our data is protected and ensuring that any appropriate authorities are notified.”
LSEG didn’t identify the third-party firm, however didn’t dispute the quantity of information stolen.
The portion of stolen information seen by TechCrunch incorporates information on 1000’s of individuals, together with present and former authorities officers, diplomats, and personal corporations whose leaders are thought-about “politically exposed people,” who’re at a better danger of involvement in corruption or bribery. The record additionally incorporates people accused of involvement in organized crime, suspected terrorists, intelligence operatives, and a European spyware vendor.
The info varies by document. The database incorporates names, passport numbers, Social Safety numbers, on-line crypto account identifiers and checking account numbers, and extra.
World-Examine is presently owned by the London Inventory Change Group following a $27 billion deal to purchase monetary information supplier Refinitiv in 2021. LSEG collects info from public sources, together with sanctions lists, authorities sources, and information retailers, then gives the database as a subscription to corporations for conducting buyer due diligence.
However privately run databases, like World-Examine, are recognized to include errors that may affect entirely innocent people with no nexus or connection to crime however whose info is saved in these databases.
In 2016, an older copy of the World-Examine database leaked online following a safety lapse at a third-party firm with entry to the information, together with a former advisor to the U.Okay. authorities that World-Examine had utilized a “terrorism” label to his identify. Banking big HSBC shut down bank accounts belonging to a number of outstanding British Muslims after the World-Examine database branded them with “terrorism” tags.
A spokesperson for the U.Okay.’s information safety authority, the Info Commissioner’s Workplace, didn’t instantly touch upon the breach.
To contact this reporter, get in contact on Sign and WhatsApp at +1 646-755-8849, or by email. You can even ship recordsdata and paperwork through SecureDrop.
