Hackers steal massive screening database and threaten to leak all the details online


Another day, another supply chain attack with potentially devastating consequences - this time around, sensitive data from World-Check was stolen by a relatively unknown threat actor, which now threatens to release the database online.

World-Check is a global database containing information on potentially high-risk people and entities. It is mostly used by financial institutions, governments, and other organizations to run due diligence and comply with anti-money laundering, counter-terrorism financing, and sanctions screening laws. The company pulls data from various sources and creates profiles on people and organizations that could be associated with financial crime, terrorism, corruption, and similar activities. Other firms can then use this data to assess risks associated with their clients, business partners, and more.

It was acquired by the London Stock Exchange Group (LSEG) which, in 2021, purchased Refinitiv (World-Check's parent company) from Thomson Reuters. However, neither World-Check nor LSEG was breached. The breach hit an unnamed third party, allegedly based in Singapore, which had access to the World-Check database.

Government officials and diplomats

TechCrunch spoke with the perpetrators, called GhostR, who said they stole 5.3 million records on thousands of people.

Some of these people are government officials and diplomats, but there are also records on companies whose leaders are considered “politically exposed people”, or who are deemed susceptible to corruption or bribery. On the list are also persons accused of organized crime, terrorism, and more. 

While the data varies, it mostly contains people’s names, passport numbers, Social Security numbers, online crypto account identifiers, bank account numbers, and more.

The publication also notes that World-Check is a privately run database and, as such, isn’t immune to errors that can label innocent people as terrorists or criminals.

Almost a decade ago, an older copy of the World-Check database leaked. Subsequent analysis discovered a former advisor to the U.K. government with the “terrorism” label.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.