'ShinyHunters puts data from 700,000 customers of Dutch travel agency BCD on the dark web'

The business travel agency BCD is the victim of a data breach after a hack by ShinyHunters. According to the criminal hacker group, the data of 700,000 customers was stolen. It is reported that this data is now being offered on the dark web.

BCD writes in a statement, which has been seen by the Financieel Dagblad, that it 'recently saw suspicious activity via an internally used account'. The company has taken measures and is now investigating how big the leak actually is. Services have not been affected by the hack, the travel agency says.

ShinyHunters says it had access to more than 700,000 Salesforce records and several SharePoint sites containing company data. According to dark web analyst Jordy Bovenschen of cybersecurity company Passguard, the hacker group now offers a file of more than 30GB on the dark web. ShinyHunters demanded that BCD pay a ransom by June 1. The company does not appear to have done that.

ShinyHunters has claimed more victims this year. In May, the criminal group stole data from students and teachers through a hack on the Canvas education software. Instructure, the company behind the software, then decided to pay a ransom. Odido fell victim to a hacking attack in February and did not pay the ransom. The provider said last month that it still supports that decision.