Cybercrime , Fraud Management & Cybercrime

Hacker Threatens to Expose Sensitive World-Check Database

'GhostR' Claims to Have 5.3 Million Records from Major Screening Database
Hacker Threatens to Expose Sensitive World-Check Database
A hacker is threatening to publish data from the World-Check know-your-customer database owned by the London Stock Exchange Group. (Image: Shutterstock)

A hacker who allegedly stole a critical database maintained by the London Stock Exchange Group containing information on terrorists, potential criminals and high-risk individuals is now threatening to leak troves of the sensitive data online.

The threat actor known as GhostR said Thursday it would soon begin releasing some of the 5.3 million stolen records from World-Check, a screening database used by banks and other institutions to combat financial crimes and enforce government sanctions.

The hacker claimed to gain access to the database through a Singapore-based firm with World-Check access. The firm had a continuous integration server that had administrative access on by default, according to posts on a popular hacking forum reviewed by Information Security Media Group . TechCrunch first reported the leak.

The London Stock Exchange Group confirmed to TechCrunch the breach of the third-party data set and said the hackers had not gained access into its any LSEG systems.

"We are liaising with the affected third party, to ensure our data is protected and ensuring that any appropriate authorities are notified," An LSEG spokesperson said.

World-Check has previously faced data compromises since it was first established in 2014, including two years later when a copy of the database was discovered on an unsecured third-party server.

The hacking group said in a post it will first leak a list of “thousands of royal family members from 46 countries whom are actively included in this blacklist.” They claimed to have stolen the entirety of World-Check’s records up until March 29, when the database was last updated before the hacking.

According to TechCrunch which reviewed a portion of the stolen data, the records include suspected terrorists, individuals associated with organized crime and others who are "at a higher risk of involvement in corruption or bribery." The names reportedly include both current and former government officials from across the globe, while the data features everything from social security and passport numbers, to online cryptocurrency account identifiers and banking information.

About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.