User information stolen in 14 data breaches is being sold on the online black market, potentially putting more than 144 million users at risk

According to Bleeping Computer, notorious data brokers are at the center of this operation; the 14 databases hold different types of information, but each contains user names and hashed passwords

The compromised databases originate from online food services, gaming websites, sports streaming services, financial services companies, clothing retailers, and various other businesses

The affected companies and services include Dark Throne, Efun, Fluke, Footers, HomeChef, JamesDelivery, KitchHike, KreditPlus, Minted, Playwings, Revelo, Tokopedia, Yotepresto, and Zoosk, with the stolen data totaling over 144 million records

According to the distributors of the stolen data, all of these breaches took place between January and June 2020; Bleeping Computer reports that of the 14 companies, only HomeChef, Minted, Tokopedia, and Zoosk have announced data breaches but Bleeping Computer stated that the data from the other companies appeared "legitimate"

Data brokers told Bleeping Computer that they sell the contents of each database for between $100 and $1,100 The largest database contains 91 million records for Indonesian e-commerce company Tokopedia, while the smallest database contains 115,000 records for Japanese food and travel site KitchHike

The same data brokers also sell data stolen from previously compromised companies These include Wirecard, ClickFunnels, Reverb Nation, ZyngaPoker, Star Tribune, and Epic Games

According to a screenshot posted by Bleeping Computer, the passwords for the KitchHike accounts were protected by the very strong hashing algorithm Bcrypt If so, the KitchHike password is probably secure, but there is no guarantee that passwords in other databases are protected in the same way

KitchHike data also included usernames, email addresses, real names, geographic locations, social media profiles, and phone numbers

If you have an account with a compromised website or online service, change your account password immediately and make sure your new password is strong and unique One of the best password managers will be of great help You should also contact the affected company for advice

If your information is indeed among the stolen data, you may want to consider the best identity theft protection services that can minimize the damage