SBC Recruitment

We've seen a steady stream of older breaches resurface lately, often repackaged and resold on Telegram channels. What really struck us about this particular leak wasn't the volume of records, but the age and obscurity of the source. The data had been circulating quietly, but we noticed it being offered alongside more recent and higher-profile breaches, suggesting someone is actively mining older incidents for potentially valuable information. The setup here felt different because the target, a defunct Japanese recruitment site, points to a more opportunistic than targeted campaign.

SBC Recruitment: The Ghost of Breaches Past Haunts 33k Users

A breach impacting the now-defunct Japanese employment website, SBC Recruitment, has resurfaced, exposing the data of 33,948 users. This incident, which occurred in November 2017, involves a database leak containing email addresses and password hashes. The re-emergence of this data highlights the long tail of data breaches and the persistent risk posed by compromised credentials, even from seemingly forgotten platforms. It was discovered when a threat actor posted the data for sale on a popular breach forum. The age and source of the breach caught our attention, suggesting an actor actively combing through older incidents for potentially reusable credentials. This matters to enterprises now because these credentials could be used in credential stuffing attacks or to gain access to accounts on other platforms where users may have reused passwords. It ties into the broader threat theme of credential harvesting and the automation of attacks leveraging older data.

Key point: Total records exposed: 33,948

Key point: Types of data included: Email Address, Password Hash

Key point: Sensitive content types: Potentially reusable credentials

Key point: Source structure: Unknown hash format, likely from a database

Key point: Leak location(s): Underground forum, Telegram channels

Key point: Date of first appearance: November 2017, resurfaced recently

While direct coverage of the original SBC Recruitment breach is limited, the incident aligns with a broader pattern of older breaches resurfacing in the threat landscape. A recent article on BleepingComputer detailed how threat actors are increasingly targeting older databases for credential stuffing attacks. This trend underscores the importance of proactive password management and monitoring for exposed credentials, even from services that are no longer in use.

Email · Address · Password · Hash