VK Data Leak Exposes 390 Million Users: HikkI-Chan Strikes Again

HikkI-Chan Claims Responsibility for VK Data Breach

A hacker known as “HikkI-Chan” has leaked the personal information of over 390 million VK users on the Breach Forums. The data, which includes city, country, full names, and profile image URLs, was allegedly obtained through a “second-order” breach, meaning it wasn’t directly stolen from VK’s servers but rather from a third-party source that had access to VK data.

VK data leak on Breach Forums

The Scope of the Leak and Data Exposed

The leaked data, amounting to over 27 GB in size, does not contain passwords or phone numbers. However, it includes:

• City: The user’s city of residence.
• Country: The user’s country of residence.
• Full names: The user’s full name.
• Profile image URLs: Links to the user’s profile image on VK.
• Email addresses: The exact number of email addresses leaked is unknown.

While the leaked information is significant, it’s primarily in the Russian language, which could limit its immediate use by threat actors outside Russia. The profile image URLs point to userapi.com, a domain associated with the VK application.

VK’s Response and Second-Order Breach Explanation

VK, the Russian social network similar to Facebook, has denied that there was a direct breach of their servers. They claim the leaked data was collected from publicly available sources.

UPDATE – 18:21 Tuesday, 3 September 2024 (GMT)

VK states: “We can confirm that there have been no security breaches of any kind, including those involving personal information. VK user data is securely protected, and the content in question was collected solely from publicly available sources. This information does not contain any confidential data but consists of details that our users have voluntarily shared on their profiles.”

However, HikkI-Chan has stated that the data was obtained through a second-order breach, where data from a previous breach was used to gain access to VK data.

“The data in question is from a second-order breach. It wasn’t sourced directly from VK but rather obtained through a third-party breach that exposed VK data,” the hacker said.

Inside the VK data leak

HikkI-Chan’s History of High-Profile Hacks

HikkI-Chan is a relatively new user on Breach Forums, but their activity can be traced back to March 15, 2024. They have claimed responsibility for numerous high-profile hacks, including:

• U.S. Department of Defense (US DoD): HikkI-Chan’s first claimed hack involved the US DoD.
• Israeli Police and Kavim (Israeli Public Transportation Company): HikkI-Chan has claimed to have targeted both entities.
• Turkish Citizenship Data: The hacker was selling personal and PII information of over 80 million Turks before the VK data leak.
• Florida Office of Financial Regulation: 8,639,326 records were allegedly leaked in this breach.
• FBI Files (Operation Priser): HikkI-Chan claims to have infiltrated government networks and extracted highly sensitive information, including “Terrorism Fighting Data, White House Mailing List, FBI Top Employees (Name, Role, Location), Federal Jobs Listing, FBI Employees’ Images, and much more.”

The Potential Impact of the VK Data Leak

Despite VK’s denial of a direct breach, the data leak poses a significant privacy threat to users. Cybercriminals can use the leaked information to create fake profiles, target users with phishing attacks, or even launch more sophisticated attacks. The data could also be valuable to state-backed hackers who are always seeking information for malicious purposes.

A Reminder of the Growing Threat of Cyberattacks

The VK data leak is a stark reminder of the ever-growing threat of cyberattacks. Organizations of all sizes, including social media platforms, must prioritize strong security measures to protect user data. This includes:

• Multi-factor authentication: Enforces an extra layer of security for user accounts.
• Encryption: Protects data in transit and at rest.
• Regular security assessments: Identifies vulnerabilities and weaknesses in security systems.
• Employee training: Educates employees on cybersecurity best practices and how to identify phishing attacks.
• Incident response planning: Develops a plan for responding to data breaches and other security incidents.

The VK data leak highlights the importance of vigilance and proactive security measures to protect user privacy and prevent future breaches.

It’s important to note that while VK claims the data was collected from publicly available sources, the nature of the leaked information (city, country, full names, profile image URLs) suggests that it was likely obtained through a breach, even if not a direct breach of their servers. The second-order breach scenario, as described by HikkI-Chan, is a plausible explanation, and the potential impact of this leak on VK users remains a significant concern.