SOCRadar® Cyber Intelligence Inc. | Data Breach at Zacks Investment Research: 8.8M Customer Records are Exposed
Jun 13, 2023

Data Breach at Zacks Investment Research: 8.8M Customer Records are Exposed

Zacks Investment Research has suffered an undisclosed data breach. As a result, a threat actor has shared the breached database on a hacker forum, revealing the records of approximately 8.8 million Zacks customers.

The data breach has been included in the records of Have I Been Pwned, the renowned breach notification service. 

Zacks Investment Research has been listed on Have I Been Pwned.

The breach behind this most recent leak notification was found to have occurred before the data breach that Zacks previously disclosed.

820K Zacks Customers’ Data Compromised in Previous Data Breach

In January 2023, the investment research and analysis company reported a data breach, which happened between November 2021 and August 2022. According to an internal investigation, unauthorized hackers accessed the personal and sensitive data of about 820,000 Zacks customers during the incident.

The compromised data included full names, addresses, phone numbers, email addresses, and user passwords. Zacks stated then that the hackers did not obtain any financial information, credit card information, or other personal information as a result of this breach. 

According to Troy Hunt, the creator of Have I Been Pwned, the newly leaked database appears to have been compromised on or around May 10, 2020, predating the Zacks breach disclosed in January. 

What Type of Information Does the Leaked Database Comprise?

The compromised database of 8.8 million records contains various customer information such as email addresses, usernames, unsalted SHA256 passwords, addresses, phone numbers, full names, and other related data.

Sensitive financial details, such as credit card information or bank account information, do not appear in the database, implying that the hackers were unable to access this type of data.
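To illustrate what "unsalted SHA256 passwords" means for stored credentials, the following added example (not from the original article or from Zacks) contrasts unsalted digests, where identical passwords yield identical values, with the same digests wrapped in per-user salted scrypt. The account names, passwords, record layout and scrypt parameters are constructed assumptions.

```python
import hashlib
import hmac
import os

# scrypt cost parameters: assumed values for this example, not from the article.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)

def legacy_hash(password: str) -> str:
    """Unsalted SHA-256, the storage format reported for the leaked records."""
    return hashlib.sha256(password.encode()).hexdigest()

def wrap_legacy(legacy_hex: str) -> dict:
    """Wrap an existing unsalted digest in salted scrypt; no plaintext needed."""
    salt = os.urandom(16)  # fresh random salt per account
    key = hashlib.scrypt(bytes.fromhex(legacy_hex), salt=salt, **SCRYPT)
    return {"scheme": "scrypt(sha256)", "salt": salt.hex(), "hash": key.hex()}

def verify(password: str, record: dict) -> bool:
    """Recompute sha256 -> scrypt with the stored salt; constant-time compare."""
    inner = hashlib.sha256(password.encode()).digest()
    key = hashlib.scrypt(inner, salt=bytes.fromhex(record["salt"]), **SCRYPT)
    return hmac.compare_digest(key, bytes.fromhex(record["hash"]))

def shared_digest_groups(table: dict) -> list:
    """Return groups of users whose stored values are byte-for-byte identical."""
    groups = {}
    for user, digest in table.items():
        groups.setdefault(digest, []).append(user)
    return [sorted(users) for users in groups.values() if len(users) > 1]

# Constructed sample accounts (not data from the breach).
SAMPLE = {"alice": "Summer2020!", "bob": "Summer2020!", "carol": "x9$Lq-unique"}
LEGACY = {user: legacy_hash(pw) for user, pw in SAMPLE.items()}
WRAPPED = {user: wrap_legacy(digest) for user, digest in LEGACY.items()}

if __name__ == "__main__":
    # Unsalted: alice and bob share one digest, so password reuse is visible.
    print("unsalted, shared:", shared_digest_groups(LEGACY))
    # Salted scrypt: every stored value differs even for the same password.
    wrapped_hashes = {user: rec["hash"] for user, rec in WRAPPED.items()}
    print("wrapped, shared:", shared_digest_groups(wrapped_hashes))
    print("alice login ok:", verify(SAMPLE["alice"], WRAPPED["alice"]))
```

Wrapping changes only how credentials are stored from that point on; digests that have already leaked remain exposed, so affected users still need new passwords.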

Zacks Data Leaked on Exposed Forum

After the breach disclosed in January, Zacks initiated a password reset procedure. Still, it addressed only a fraction of the breached accounts, leaving the majority vulnerable to account hijacking and credential stuffing.

Users of Have I Been Pwned can check if their email was included in the recently leaked data by visiting the site.

The company’s database was posted on the Exposed hacking forum, and hackers may use it for phishing and credential-stuffing attacks. Exposed is a newly established hacking forum that gained notoriety after publishing a database containing the personal details of nearly 500,000 members from the now-defunct RaidForums.

Threat actor leaks Zacks database containing 8.8 million records.

Prior to the leak, it appears that a threat actor operating within the same forum attempted to sell a database of Zacks Investment Research, which allegedly contained 10 million lines of data. The following image was shared in the comments section of the newest Zacks leak post. 

The threat actor puts Zacks database on sale with a Telegram message.

Therefore, it is strongly recommended that all Zacks users change their passwords to unique ones that are exclusive to that site. If you have used the same password for Zacks on other websites, it is crucial to change your passwords on those sites as well.

Dark Web Threat Detection with SOCRadar

SOCRadar Dark Web Monitoring is a service that helps organizations identify and respond to threats on the dark web. SOCRadar continuously monitors the dark web for mentions of your organization’s assets. If SOCRadar finds any mentions of your organization on the dark web, it will send you an alert so that you can take action to mitigate the threat.

SOCRadar Dark Web Monitoring 

Also, you can use our Account Breach Labs service to check if your information has been exposed online.