A financially motivated hacking group, known as GhostR, has claimed to have stolen a confidential database containing millions of records used by companies for screening potential customers for links to sanctions and financial crime.

The Heist

In March, the hackers allegedly stole 5.3 million records from the World-Check screening database. According to TechCrunch, the data was obtained from a Singapore-based firm with access to the World-Check database, although the company’s name has not been disclosed.

World-Check is a screening database used for ‘know your customer’ checks (or KYC), enabling companies to determine if prospective customers are high-risk or potential criminals. The database includes information on individuals who have links to money laundering, government sanctions, or organized crime.

A Threatening Stance

GhostR has threatened to publish the data online, which could potentially expose thousands of people, including current and former government officials, diplomats, private companies’ leaders considered ‘politically exposed people,’ and individuals accused of involvement in organized crime.

A portion of the stolen data shared with TechCrunch includes records on:

  • Individuals sanctioned as recently as this year
  • Current and former government officials
  • Diplomats
  • Private companies’ leaders considered ‘politically exposed people’
  • Individuals accused of involvement in organized crime

A Complicated Situation

Simon Henrick, a spokesperson for the London Stock Exchange Group (LSEG), which maintains the World-Check database, stated that the incident was not a security breach of LSEG’s systems. Instead, it involved a third-party data set containing a copy of the World-Check file, which was illegally obtained from their system.

LSEG has confirmed that they are liaising with the affected third party to ensure their data is protected and notifying appropriate authorities.

Background on World-Check

World-Check is currently owned by LSEG following a $27 billion deal to buy financial data provider Refinitiv in 2021. The database collects information from public sources, including sanctions lists, government sources, and news outlets, which are then provided as a subscription service for companies conducting customer due diligence.

Potential Consequences

Privately run databases like World-Check have been known to contain errors that can affect innocent people with no connection to crime but whose information is stored in these databases. In 2016, an older copy of the World-Check database leaked online following a security lapse at a third-party company with access to the data.

The leak led to several prominent British Muslims having their bank accounts shut down by HSBC due to ‘terrorism’ labels applied to their names.

A Call for Action

In response to this incident, experts and authorities are urging companies and individuals to exercise caution when handling sensitive information. The UK’s data protection authority, the Information Commissioner’s Office, has been contacted for comment but has not provided an immediate response.

Related News

  • Cannabis Company Stiiizy Says Hackers Accessed Customers’ ID Documents: A cannabis company, Stiiizy, has revealed that hackers gained access to customers’ identification documents.
  • Microsoft Accuses Group of Developing Tool to Abuse Its AI Service in New Lawsuit: Microsoft is suing a group for allegedly developing a tool to exploit its AI service.
  • Meet the Chinese ‘Typhoon’ Hackers Preparing for War: A report has highlighted the activities of Chinese hackers, known as the ‘Typhoon,’ who are preparing for cyberwarfare.