“Huge Stolen Sanctions and Financial Crimes Watchlist at Risk: Hackers Vow to Expose”

Hackers are threatening to publish a huge stolen sanctions and financial crimes watchlist The stolen World-Check database contains 5.3 million recordsA financially motivated hacking group says it has stolen a confidential database containing millions of records that companies use for screening potential customers for links to sanctions and financial crime. The hackers, which call themselves GhostR, said they stole 5.3 million records from the World-Check screening database in March and are threatening to publish the data online. A portion of the stolen data, which the hackers shared with TechCrunch, includes individuals who were sanctioned as recently as this year. The incident involves a third party’s data set, which includes a copy of the World-Check data file. Banking giant HSBC shut down bank accounts belonging to several prominent British Muslims after the World-Check database branded them with “terrorism” tags.

A hacker group known as GhostR has claimed to have gained access to a confidential database containing millions of records used by companies for screening potential customers for links to sanctions and financial crime. The stolen database, known as World-Check, is said to contain 5.3 million records and the hackers are threatening to publish the data online. It is believed that the hackers targeted a Singapore-based firm with access to the database, although they have not named the specific company.

The World-Check database is commonly used for “know your customer” checks, allowing companies to assess the risk level of potential customers and determine if they have any ties to money laundering or government sanctions. In an interview with TechCrunch, the hackers stated that they obtained the data from a third-party company with access to the database.

A spokesperson for London Stock Exchange Group, the current owner of World-Check, confirmed the breach but stated that it was not a security breach of their own systems. They clarified that the incident involved a third-party’s data set and that they are working with the affected company to ensure the protection of their data. The spokesperson did not name the third-party company but did confirm that 5.3 million records were stolen.

The portion of stolen data shared with TechCrunch includes records of thousands of individuals, including government officials, diplomats, and companies with leaders considered “politically exposed people” who are at a higher risk of involvement in corruption or bribery. The list also contains names of people accused of organized crime, suspected terrorists, intelligence operatives, and even a European spyware vendor.

The stolen data contains various personal information such as names, passport numbers, Social Security numbers, banking information, and online crypto account identifiers.

London Stock Exchange Group acquired World-Check in 2021 as part of a $27 billion deal to buy financial data provider Refinitiv. The company collects information from public sources, such as government lists and news outlets, and provides it as a subscription to companies for conducting customer due diligence.

However, privately run databases like World-Check have been known to contain errors that can negatively impact innocent individuals who have no connection to crimes. In 2016, an older version of the database leaked online due to a security flaw at a third-party company with access to the data. It was discovered that a former advisor to the U.K. government was labeled as a “terrorist” in the database, leading to banking giant HSBC shutting down the bank accounts of several British Muslims.

A spokesperson for the U.K.’s data protection authority, the Information Commissioner’s Office, did not provide a statement on the current breach.