TechMassive VK data leak: Hacker exposes information of 390 million users

Massive VK data leak: Hacker exposes information of 390 million users

One of the hackers has disclosed data from 390 million users of the VKontakte (VK) service. How this data was obtained is unclear. However, the person behind the incident is known.

User data leaked from VKontakte
User data leaked from VKontakte
Images source: © Pixabay

5 September 2024 17:41

Hackread's analysis shows that data from over 390 million users of the VKontakte service have been leaked online. This service, similar to Facebook, is popular in Russia and other Eastern countries. Pavel Durov, who is also known for creating the Telegram app, created VKontakte.

As reported by Hackread, it is not entirely clear how the hacker obtained the data. It may have resulted from a breach from an external company. However, experts now believe the data could have been obtained through social media scraping.

A hacker using the pseudonym Hikki-Chan shared the data. He made public the data of over 390 million users on the Breach Forums platform. The data package he gathered is substantial—it exceeds 31 gigabytes.

Huge leak from VKontakte

The leaked data did not include phone numbers or passwords. However, it did include information such as city, country, full names, profile picture links, and email addresses. Although the amount of data obtained is significant, it is in Russian, which may hinder its use by other cyber criminals.

Authors from Hackread reportedly contacted the hacker. He stated that the data did not come from scraping and was not directly stolen from VK. Therefore, it was a "second-order" incident, meaning that VK was not directly breached, but the data was obtained through another breach that revealed VK data.

Data from scraping?

Although the hacker behind the attack has several successful large-scale actions in his portfolio, it is uncertain whether he is telling the truth. VKontakte denies the cybercriminal's scenario.

Representatives of VK responded to Hackread. In a statement, they said that there were no security breaches. All the data made public by the cybercriminal was available on publicly visible VK profiles.

Scraping is a technique for automatically extracting data from websites. This solution is not solely associated with cybercrime. Such techniques are also used for purposes such as analytics, price monitoring on given websites, competitor analysis, or checking user reviews. Unfortunately, this method can also collect a lot of data we share online. For this reason, it is worth considering how much we want to make public.

Related content
© Daily Wrap
·About us
·Terms of service
·Contact us
·Privacy policy
·

Downloading, reproduction, storage, or any other use of content available on this website—regardless of its nature and form of expression (in particular, but not limited to verbal, verbal-musical, musical, audiovisual, audio, textual, graphic, and the data and information contained therein, databases and the data contained therein) and its form (e.g., literary, journalistic, scientific, cartographic, computer programs, visual arts, photographic)—requires prior and explicit consent from Wirtualna Polska Media Spółka Akcyjna, headquartered in Warsaw, the owner of this website, regardless of the method of exploration and the technique used (manual or automated, including the use of machine learning or artificial intelligence programs). The above restriction does not apply solely to facilitate their search by internet search engines and uses within contractual relations or permitted use as specified by applicable law.Detailed information regarding this notice can be found  here.