In November 2023, Kaggle's Career network, a platform primarily known for its data science competitions and online courses, fell victim to a significant data breach. This breach was disclosed by a notorious cybercriminal, IntelBroker, on BreachForums, a popular underground forum known for the trade of stolen data and hacking tools. The leak exposed sensitive information from approximately 3,000,000 companies, including details related to wages, job titles, worksite locations, and more.
Company Overview: Kaggle
Kaggle, a subsidiary of Google, is a prominent online community for data scientists and machine learning practitioners. Founded in 2010, the platform offers a variety of resources, including datasets, public notebooks, and courses. However, Kaggle is best known for hosting competitions where data scientists can compete to solve complex problems posed by companies and organizations. Over the years, Kaggle has become a go-to resource for data enthusiasts, boasting over 8 million registered users.
Despite its success and significant role within the tech community, this breach serves as a stark reminder of the vulnerabilities that even well-established companies face in the ever-evolving landscape of cybersecurity threats.
Breach Details: What Happened?
On November 25, 2023, IntelBroker, a well-known figure within the cybercriminal underworld, posted on BreachForums claiming responsibility for the breach of Kaggle's Career network. According to the post, the breach resulted in the exposure of sensitive data from millions of companies. The leaked data reportedly includes:
- Employer names
- Case status (likely related to employment or legal proceedings)
- Job titles and positions
- Full-time/part-time status
- Prevailing wages
- Worksite locations (including latitude and longitude coordinates)
- Year of employment
This treasure trove of information could be exploited in numerous ways, including targeted phishing attacks, corporate espionage, and identity theft. The exposure of such detailed wage and employment data also raises concerns about the potential for misuse in labor market analysis and wage manipulation.
Threat Actor Profile: IntelBroker
IntelBroker is a well-known cybercriminal with a reputation for high-profile data breaches. Associated with various leaks on BreachForums, IntelBroker has previously been linked to other significant data breaches, such as the infamous 888 breach, where millions of customer records were exposed. IntelBroker’s operations typically involve obtaining and selling or freely distributing large datasets, often causing substantial harm to the affected companies and individuals.
BreachForums, where this leak was announced, is a notorious marketplace where stolen data, hacking tools, and other illegal cyber resources are traded. Despite efforts by law enforcement to shut down such platforms, they continue to thrive, highlighting the persistent challenges in combating cybercrime.