A group of hackers is threatening to leak millions of records containing sensitive information about politically exposed persons (PEPs) and other heightened-risk individuals and companies.
The data was stolen from World-Check on Thursday by a previously unknown hacking group, Ghost R, which claimed responsibility for the attack by contacting several media outlets, including TechCrunch and The Register.
World-Check is a database used by financial institutions and other companies to conduct know-your-customer (KYC) checks, in particular to screen potential clients for money laundering, terrorism, bribery and corruption. It contains 5.3 million records obtained from global watch lists, government records, official sanctions lists and media searches.
Ghost R showed part of the stolen data to TechCrunch, which reported that it includes information about “individuals who were sanctioned as recently as this year”, and records “on thousands of people, including current and former government officials, diplomats” and “individuals accused of involvement in organised crime, suspected terrorists, intelligence operatives and a European spyware vendor”.
The information varies across records, but it often consists of names, social security and bank account numbers, and the reasons for a person's inclusion in the database, potentially including criminal records. Reports of innocent individuals being identified as terrorists by World-Check in 2016 could make the data leak all the more hazardous.
Ghost R said it would start releasing the stolen data “soon”; the release will reportedly include information about UK royal family members.
A spokesperson for the London Stock Exchange Group (LSEG), which owns and maintains World-Check, told Tech Monitor that the incident was not a security breach of LSEG or its systems. “The incident involves a third party’s data set, which includes a copy of the World-Check data file. This was illegally obtained from the third party’s system,” the spokesperson said.
“We are liaising with the affected third party, to ensure our data is protected and ensuring that any appropriate authorities are notified,” LSEG told Tech Monitor.
World-Check data previously leaked online
It is not the first time that World-Check has fallen victim to a data breach. In 2016, a third-party company with access to the database mistakenly leaked an out-of-date version of it online in a similar incident.
The 2016 breach revealed that a number of individuals were falsely identified as terrorists, causing them to be locked out of banks.