Millions of Records from World-Check Database Stolen by Hackers

Introduction:
A financially motivated hacking group known as GhostR claims to have stolen a confidential database containing millions of records used by companies to screen potential customers for links to sanctions and financial crime. The hackers are threatening to publish the data online, causing concerns about privacy and security.

The Stolen Database and World-Check:
The hackers, GhostR, revealed that they stole 5.3 million records from the World-Check screening database in March. World-Check is a widely-used database that helps companies conduct “know your customer” (KYC) checks. It allows businesses to determine if potential customers pose a high risk of involvement in criminal activities such as money laundering or have connections to government sanctions.

The Hackers’ Claims:
According to GhostR, the stolen data includes individuals who were sanctioned as recently as this year. TechCrunch got a glimpse of the stolen data, which contains records on thousands of people. Among them are current and former government officials, diplomats, and private company leaders considered “politically exposed people” at higher risk of corruption or bribery. The list also includes individuals associated with organized crime, suspected terrorists, intelligence operatives, and even a European spyware vendor.

The London Stock Exchange Group’s Response:
Simon Henrick, a spokesperson for the London Stock Exchange Group (LSEG), which maintains the World-Check database, stated that this incident did not involve a security breach of LSEG’s systems. Instead, a third party’s data set, including a copy of the World-Check data file, was illegally obtained. Henrick emphasized that LSEG is working with the affected third party to protect their data and notify appropriate authorities.

The Role of Third-Party Companies:
While LSEG did not disclose the name of the third-party company involved, this incident highlights the potential risks associated with privately-run databases like World-Check. These databases rely on information from public sources such as sanctions lists and government sources, but they may contain errors that can negatively impact innocent individuals who have no connection to criminal activities.

Past Incidents and Concerns:
This is not the first time that the World-Check database has faced security issues. In 2016, an older version of the database leaked online due to a security lapse at a third-party company. This incident led to the unjust branding of several prominent British Muslims as terrorists by the database, resulting in the closure of their bank accounts by HSBC. Such incidents raise concerns about the accuracy and potential misuse of data in these databases.

Conclusion:
The theft of the World-Check database by GhostR highlights the vulnerabilities and risks associated with screening databases used by companies for customer due diligence. While LSEG emphasizes that this was not a breach of their systems, the incident underscores the need for enhanced security measures and accountability, particularly concerning third-party companies with access to sensitive data. It also raises questions about the accuracy and potential impact of privately-run databases like World-Check on innocent individuals.