fix the situation.

​

            ShinyHunters is a well-known data breach broker that will often sell or extort the data they have hacked into in order to gain profit. In rare cases, ShinyHunters would leak the data they stole onto a public website so criminals can use this data and information to commit ransom attacks on the users whose data was stolen. Unfortunately, ShinyHunters have been very active in 2021, where they have perpetrated multiple attacks on several companies (Bader, 2021). The article, “The Eeveelution of ShinyHunters: From Data Leaks To Extortion,” by Photon Research Team, states that the symbol of the ShinyHunters organizations is a creature named Umbreon from the popular video game franchise, Pokemon. This would also indicate that their organization’s name is derived from the same franchise. In the Pokemon community, there is a hobby called shiny hunting, a hobby with which it is believed this organization identifies with. We can only assume that their motivation has to do with something similar to Pokemon. Still, overall, this notorious group gives credit to the presumption that they are not some low-level hackers but rather one of the top contributors to cybercrimes.

​

            On January 20, 2021, ShinyHunters attacked the MeetMindful website, affecting about 2.238 million people (Gruen, 2021). Regrettably, ShinyHunters were able to steal 1.2GB of the users’ data which contains personal information such as their names, emails, locations, birthdays, IP address, relationship statues, accounts passwords, Facebook user IDs, authentication tokens and their dating preferences (Cimpanu, 2021). The MeetMindful website put out a statement that can be found under the heading User Security Notification by Keith Gruen. It is explained that they are unsure where the attack came from but that they were fortunate enough that the user messages weren’t exposed. Having said that, the information that ShinyHunters took was posted on a public hacking forum where people can download it and commit sextortion, a crime that varies from regular extortion as the threat will reveal information that is sexual in nature (Cimpanu, 2021). They demand the user to pay a ransom with the threat that they will expose the user information to their family or coworkers if not paid. Furthermore, the article “ShinyHunters Strikes Again! Data of 2.28 Mn ‘MeetMindful’ Users Leaked” by Cisomag states that the files have been viewed more than 1,500 times and have likely been downloaded a several number of times. Although this information is unfortunate for the users that were affected, we can only hope and take measures to ensure that this attack does not happen again.

​

             A curious detail of the MeetMindful case is that a criminal rarely wants to give away something they work so hard to steal. During the attack against MeetMindful, ShinyHunters made a peculiar choice in which they wanted to publish the data to the public. Woefully, MeetMindful was not the only company whose data was shown to the public but 18 other companies as well (Bader, 2021). For example, Pixlr, Wognai, and Tresspringv also fell victims to ShinyHunters (McAfee, 2021). The data was uploaded to a public forum for hackers where any criminal can access the data and contribute to a far worse fate for the users that were exposed. Although lamentable, MeetMindful was one of the more minor attacks from ShinyHunters’ grand plan. In total, ShinyHunters was able to affect 386 million users, a significantly greater amount when only compared to their work against MeetMindful, where they impacted about 2.28 million users.

​

            In the cybercrime community, it seems that dating websites are big attractions for cybercriminals as they often have large databases with detailed personal information about their users, with which it is easy to commit sextortion or other crimes. Being that MeetMindful is a dating website for those that are older than 18, it stands to reason that the company would make an effort to explain the event to its users and reassure them about measures they are taking to ensure such a breach of privacy does not happen again. The website’s disclaimer explains to users that only accounts created before March 2020 were breached, and those following that date are safe. Furthermore, the organization ShinyHunters tends to not target big-name companies despite the lucrative amounts of data they amass but instead go to smaller companies, despite the fact that it’s resulting in a smaller profit.

​

It is unknown if there are any active descendants of ShinyHunters but, considering they were very busy this year; it is safe to say that there are likely some active descendants. Disconcertingly, the MeetMindful website has stated that they are not sure where the attack came from nor how ShinyHunters was able to breach into their company’s databases and those of several others. The possibility of an active descendant is high, and since they’ve released this big attack to the public, it is also likely that they will go back to small companies that they previously attacked and try to steal their data again, but only time will tell.

​

Because it is currently unknown through where ShinyHunters were able to attack, MeetMindful decided to take into consideration areas in their security where the group might have been able to breach their databases. MeetMindful chose to review their systems and increase the security levels on all of their servers as well as their applications (Gruen, 2021). MeetMindful has also decided to work with others to find some resolution and defense plan to stop a similar attack from happening again (Gruen, 2021). MeetMindful has also asked their users that were affected to change their password and not to respond if someone emails them to give out more information and that they should instead call the MeetMindful support (Gruen, 2021). Hopefully, the next time MeetMindful faces such threats, they will be able to defend themselves as well as their users. We can only assume that other companies that were also attacked by ShinyHunters have also taken similar precautions.

​

There is not much information regarding the aftermath of ShinyHunters attack. It is said that ShinyHunters is currently under investigation by the FBI and other law enforcement (Cybleinc, 2021). ShinyHunters are still active to this day, and so far, none of their members seem to have been caught. Hopefully, no more people will have to result victims of a similar data breach as we await ShinyHunters’ capture. MeetMindful can only hope that the breach that ShinyHunters perpetrated has been patched up and will stop other attackers from getting through its cracks. We can also hope that one day such breaches in data and privacy are a thing of the past as we develop better and more secure technology.

​