A hacker group known as GhostR has claimed to have gained access to a confidential database containing millions of records used by companies for screening potential customers for links to sanctions and financial crime. The stolen database, known as World-Check, is said to contain 5.3 million records and the hackers are threatening to publish the data online. It is believed that the hackers targeted a Singapore-based firm with access to the database, although they have not named the specific company.
The World-Check database is commonly used for “know your customer” checks, allowing companies to assess the risk level of potential customers and determine if they have any ties to money laundering or government sanctions. In an interview with TechCrunch, the hackers stated that they obtained the data from a third-party company with access to the database.
A spokesperson for London Stock Exchange Group, the current owner of World-Check, confirmed the breach but stated that it was not a security breach of their own systems. They clarified that the incident involved a third-party’s data set and that they are working with the affected company to ensure the protection of their data. The spokesperson did not name the third-party company but did confirm that 5.3 million records were stolen.
The portion of stolen data shared with TechCrunch includes records of thousands of individuals, including government officials, diplomats, and companies with leaders considered “politically exposed people” who are at a higher risk of involvement in corruption or bribery. The list also contains names of people accused of organized crime, suspected terrorists, intelligence operatives, and even a European spyware vendor.
The stolen data contains various personal information such as names, passport numbers, Social Security numbers, banking information, and online crypto account identifiers.
London Stock Exchange Group acquired World-Check in 2021 as part of a $27 billion deal to buy financial data provider Refinitiv. The company collects information from public sources, such as government lists and news outlets, and provides it as a subscription to companies for conducting customer due diligence.
However, privately run databases like World-Check have been known to contain errors that can negatively impact innocent individuals who have no connection to crimes. In 2016, an older version of the database leaked online due to a security flaw at a third-party company with access to the data. It was discovered that a former advisor to the U.K. government was labeled as a “terrorist” in the database, leading to banking giant HSBC shutting down the bank accounts of several British Muslims.
A spokesperson for the U.K.’s data protection authority, the Information Commissioner’s Office, did not provide a statement on the current breach.
To contact this reporter, get in touch on Signal and WhatsApp at +1 646-755-8849, or by email. You can also send files and documents via SecureDrop.