Follow us:
  1. Home
  2. News
  3. Cybersecurity News

The Weekly Hack: Hackers used one marine’s stolen info to steal cars and get surgery

A hacker is advertising the sale of 620 million log-ins obtained from WhitePages, Coffee Meets Bagel, MyFitnessPal, and other services

Photo (c) welcomia - Getty Images
One missing wallet proved to be especially valuable to skilled identity thieves.

A marine named Brandon Reagin for years has faced accusations that he was stealing cars and then undergoing surgery without paying for it. He traces the bizarre accusations back to 2004, when he lost his wallet. The wallet thief used the information to somehow obtain Reagin’s healthcare data.

Ever since then, Reagin says that he regularly has to make phone calls to creditors and hospitals to get the unpaid hospital bills taken off his credit report.

"It worked until the next billing cycle," he told CBS.

Though the identity thief is now in prison, "that hospital may still have his information, his blood type under my name at that hospital," Regain added.

Hacker sells millions of log-ins

A single hacker has access to over 620 million usernames and passwords from 16 different services and is trying to sell them on the Dark Web.

The British Newspaper The Register discovered the sale on Dream Market, an online market part of a Dark Web network called Tor. For less than $20,000 in Bitcoin, the hacker offered the consumer login information belonging to the following services:

  • Dubsmash (162 million)

  • MyFitnessPal (151 million)

  • MyHeritage (92 million)

  • ShareThis (41 million)

  • HauteLook (28 million)

  • Animoto (25 million)

  • EyeEm (22 million)

  • 8fit (20 million)

  • Whitepages (18 million)

  • Fotolog (16 million)

  • 500px (15 million)

  • Armor Games (11 million)

  • BookMate (8 million)

  • CoffeeMeetsBagel (6 million)

  • Artsy (1 million)

  • DataCamp (700,000)

The services either have already warned consumers about data breaches in recent years or months, or confirmed to the newspaper that their data had been hacked recently.

Coffee Meets Bagel, a dating app, had to make the unfortunate announcement to its users on Valentine’s Day.

“As a reminder, we never store any financial information or passwords,” the service told users.

The seller told The Register that one person already purchased the records for Dubsmash, a video messaging app where users can lipsync over music videos and film clips.

Security Experts say that login information is valuable to identify thieves because buyers can potentially re-use the same passwords for numerous apps -- yet another reason to use different passwords for all of your different accounts.

Take an Identity Theft Quiz

Get matched with an Authorized Partner

    Share your comments