According to our analysis, 123RF suffered a data breach earlier this year in March while its database was leaked on a hacker forum on November 8th.
The highly popular Image stock site 123RF.com has been hacked and as a result, its database with 8.3 million users has been leaked on an infamous hacker forum for download.
123RF is part of Chicago, Illinois based Inmagine Group. The website is an industry giant known for selling royalty-free images to customers which include individuals and businesses around the globe. The service has more than 12 million active users.
The database has been seen and analyzed by Hackread.com and it can be confirmed that it contains the following:
Facebook profile links
Addresses including postcodes
Date of account registration on 123RF
Location including Country, States, and cities
It can also be confirmed that the database was originally stolen on March 22nd, 2020, and leaked last week on an infamous hacker forum.
Who hacked 123RF?
The hacker behind the 123RF data breach is the infamous ShinyHunters. The same hacker was behind some of the largest and high profile data breaches in 2020 including:
WattPad – 271 million accounts leaked
Dunzo – 11GB worth of data leaked
Dave.com – 7 million accounts leaked
Bhinneka – 1 million+ accounts leaked
Minted – 5 million accounts leaked
ProctorU – 444,267 accounts leaked
Tokopedia – 91 million accounts leaked
Couchsurfing – 17 million accounts leaked
Mashable – 5.22GB worth of database leaked
Animal Jam – 46 million user accounts leaked
What’s next for 123RF.com users?
The data breach is massive and contains both sensitive and personal data. What’s worse is that the leaked password hashes are in the MD5 algorithm which is easy to crack. Therefore, if you are a 123RF user it is advised that you change your email and account password right now.
Since the database also contains Facebook profile links of users along with their email address it can be a perfect opportunity for web scrappers to collect this data and sell it to advertisers. Furthermore, the presence of phone numbers in the database can also lead to SMS Phishing and Sim Swapping attacks.
Has 123RF acknowledged the breach?
Although 123RF has confirmed suffering data breach to another publication, Hackread.com was the very first publication to alert the company of the incident but did not receive any statement from them whatsoever.
🔥🚨 It looks like the stock content agency @123rf has suffered a massive #databreach as a threat actor is claiming to sell 8.3 million user accounts. There are 95 email addresses in sample data – almost every email address has an account already registered with #123rf. pic.twitter.com/QXT6q1GvFq
— Hackread.com (@HackRead) November 8, 2020