Hackers steal massive screening database and threaten to leak all the details online

News
By
published

World-Check database stolen from a third party

Data leak
(Image credit: Shutterstock/dalebor)

Another day, another supply chain attack with potentially devastating consequences - this time around, sensitive data from World-Check was stolen by a relatively unknown threat actor, which now threatens to release the database online.

World-Check is a global database containing information on potentially high-risk people and entities. It is mostly used by financial institutions, governments, and other organizations, to run due diligence and comply with anti-money laundering, counter-terrorism financing, and sanctions screening laws. The company pulls data from various sources and creates profiles on people and organizations that could be associated with financial crime, terrorism, corruption, and similar. Other firms can then use this data to assess risks associated with their clients, business partners, and more.

It was acquired by the London Stock Exchange Group (LSEG) which, in 2021, purchased Refinitiv (World-Check parent company) from Thomson Reuters - but it wasn’t World-Check, or LSEG, that were breached. It was an unnamed third party, allegedly based in Singapore, which had access to the World-Check database.

Government officials and diplomats

TechCrunch spoke with the perpetrators, called GhostR, which said it stole 5.3 million records on thousands of people. 

Some of these people are government officials and diplomats, but there are also records on companies whose leaders are considered “politically exposed people”, or who are deemed susceptible to corruption or bribery. On the list are also persons accused of organized crime, terrorism, and more. 

While the data varies, it mostly contains people’s names, passport numbers, Social Security numbers, only crypto account identifiers, bank account numbers, and more.

The publication also reminds that World-Check is a privately run database and, as such, isn’t immune to errors that can label innocent people as terrorists or criminals. 

Almost a decade ago, an older copy of the World-Check database leaked. Subsequent analysis discovered a former advisor to the U.K. government with the “terrorism” label.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
A top online gift card store may have exposed private data on hundreds of thousands of users
Cartoon Phishing
One of the largest data leaks ever sees info on 1.5 billion people leaked online
healthcare
Over a million clinical records exposed in data breach
Someone holding a passport with two boarding passes inside it
Top digital loan firm security slip-up puts data of 36 million users at risk
A graphic showing fleet tracking locations over a city.
Lost & Found tracking site hit by major data breach - over 800,000 could be affected
Data leak
Popular online bill paying site leaks data of thousands of users
Latest in Security
A graphic showing fleet tracking locations over a city.
Lost & Found tracking site hit by major data breach - over 800,000 could be affected
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.
US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
Web DDoS attacks see major surge as AI allows more powerful attacks
Polish space agency says it was hit by a cyberattack
Illustration of a hooked email hovering over a mobile phone
AWS misconfigurations reportedly used to launch phishing attacks
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.
Microsoft Teams and other Windows tools hijacked to hack corporate networks
Latest in News
Google Gemini iPhone Lock Screen
You can now access Gemini from your iPhone's lock screen
Michelle, Keats, and Doctor Amherst looking unimpressed and worried in The Electric State
Netflix drops trailer for The Electric State, and I'm getting serious District 9 vibes
YouTube TV
YouTube TV might be planning a big Netflix update that puts the best streaming services first
Google Pixel 9 Pro
Here are the 7 best Pixel 9 and Pixel Watch 3 features landing in March’s Pixel Feature Drop
Bang & Olufsen Beogram 4000C Saint Laurent Rive Droite Edition
Bang & Olufsen's latest reworked turntable is a masterpiece of retro revival, in a breathtaking wooden presentation box
Apple Watch Series 10
Apple unveils new Apple Watch bands – here's what's in the Spring 2025 collection
More about security
A graphic showing fleet tracking locations over a city.

Lost & Found tracking site hit by major data breach - over 800,000 could be affected
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.

Microsoft Teams and other Windows tools hijacked to hack corporate networks
HTC Viverse

The company formerly known as HTC is doubling down on immersive worlds, AI, spatial computing and ... 6G?
See more latest
Most Popular
HTC Viverse
The company formerly known as HTC is doubling down on immersive worlds, AI, spatial computing and ... 6G?
A business woman looking at AI on a transparent screen
Businesses are facing an "AI Divide" - which could be the difference between success and failure
Google Gemini iPhone Lock Screen
You can now access Gemini from your iPhone's lock screen
Apple Vision Pro with Dassault Systèmes 3DEXPERIENCE platform
Dassault Systèmes teams up with Apple to use Vision Pro headsets to bring spatial CAD to life
Samsung 18.1-inch foldable OLED monitor
Samsung has launched a flexible portable monitor complete with a briefcase, one that seems to come straight from a James Bond movie
GenMachine Zhi mini pc
This is the smallest AMD PC I've ever seen: mysterious manufacturer uses Ryzen 3 APU with surprising results
Beelink ME Mini
One of our favorite mini PC vendors has launched a NAS that looks a bit like Apple's PowerMac G4 Cube PC - but way smaller
Michelle, Keats, and Doctor Amherst looking unimpressed and worried in The Electric State
Netflix drops trailer for The Electric State, and I'm getting serious District 9 vibes
YouTube TV
YouTube TV might be planning a big Netflix update that puts the best streaming services first
Maserati MC20 Autonomous
This AI-driven Maserati just hit 197.7mph without a human behind the wheel