500k Shadow PC users warned of breach as the threat actor behind the breach puts the stolen data up for sale

Shadow PC has started warning over 500,000 customers of a data breach that exposed their private information. The breach followed a successful social engineering attack targeting its employees, and a threat actor now claims to be selling the stolen data.

Shadow is a cloud gaming service allowing users with high-end Windows PCs to run demanding AAA games on a virtual computer. 

“This highly sophisticated attack began on the Discord platform with the downloading of malware under cover of a game on the Steam platform, proposed by an acquaintance of our employee, himself a victim of the same attack,” reads the notice. 

Based on the description of the attack, the downloaded malware stole an authentication cookie that provided the hackers access to the management interface of one of the company’s SaaS providers. The attacker then abused the API to extract customers’ full names, email addresses, dates of birth, billing addresses, and credit card expiration dates. 

“After an attempt at amicable settlement, which they deliberately ignored, I decided to put the database up for sale,” said the threat actor on a hacking forum Wednesday night.

Emily Phelps, Director, Cyware:

   “While advanced security solutions are imperative for safeguarding digital assets, human-centric training is also crucial to address social engineering attacks. All organizations, regardless of their sector or size, should invest in continuous cyber-awareness training across the organization. This incident serves as a reminder that even the most sophisticated technology platforms are not immune to the age-old tactics of manipulation and exploitation.”

When you use a third-party service, you have to trust that said service is secure. This clearly wasn’t the case here, and it looks like half a million customers will now pay the price.
