The Customer

As one of the largest social media companies on the planet, this company has over a billion active users, and employs tens of thousands of people globally, and in 2020, earned roughly $86 billion in annual revenue.

The Problem

The market for buying and purchasing stolen accounts and databases is enormous. There is also a major market for the buying and purchasing of hacked or stolen social media accounts. Hackers are able to generate tens of thousands of dollars in revenue per week by selling access to hacked social media accounts, which they often advertise the sale of on the very platform whose customers they hacked.

In addition, unsecured public databases often leak sensitive data information, usually containing identifiable social media information. In many cases, data leaked through unsecured public databases is done so illegally via data scraping. In order to crack down on sites illegally collecting data on its users, this company needed a way to monitor public databases containing identifiable customer data in order to send the appropriate legal takedown notices.

The Solution

In February 2021, many news outlets reported “a coordinated takedown between several social media companies targeting account thieves”. Several of Shadowbyte’s key modules provided the critical intelligence needed to facilitate this. Stolen account shops, sellers, and resellers can be easily targeted and researched using Shadowbyte’s advanced forums, marketplaces searches, and watchlist features.

The targeting and coordinated takedown of servers leaking sensitive data customer information was facilitated using Shadowbyte’s ‘meta-search module, which crawls and tags metadata from public databases. Any data matching specific parameters were sent to internal incident response teams in order to begin the process of legally taking down any server or service illegally obtaining customer data.