In a startling revelation, the WorldCheck database, used by financial institutions for verifying the credibility of individuals and businesses, has fallen victim to a cyber-attack orchestrated by the notorious GhostR group.
The database, maintained by the London Stock Exchange Group (LSEG), serves as a vital tool in the fight against financial crime, housing sensitive information on money launderers, terrorists, and other high-risk entities. There are more than 5.3 million records as per some estimates.
The breach, confirmed by LSEG, underscores the vulnerability of global data repositories to sophisticated cyber threats.
According to reports, GhostR gained unauthorized access to the database, which contains over five million records, including detailed profiles of individuals ranging from government officials to private company leaders.
“This was not a security breach of LSEG/our systems,” clarified an LSEG spokesperson. “The incident involves a third party’s data set, which includes a copy of the WorldCheck data file.”
What is WorldCheck Database?
The compromised database, integral to Know Your Customer (KYC) protocols, is routinely accessed by banks and financial institutions during client onboarding processes. It draws information from various open sources, including sanction lists, government databases, and regulatory enforcement lists. The leaked records, provided to media outlets by GhostR, include sensitive details such as full names, job roles, birth dates, aliases, and even security numbers, alongside categorizations indicating criminal status or other risk factors.
GhostR’s threat to leak the database poses a significant challenge to global financial security, as the exposure of such sensitive information could have far-reaching implications. The group’s intentions to disclose records of individuals, including members of royal families, raise concerns about the potential misuse of the data for extortion or other illicit activities.
Previous WorldCheck Hack
The incident evokes memories of a previous data breach in 2016, when World-Check’s security was compromised due to a lapse at a third-party company. Despite efforts to fortify defences, the latest breach highlights the persistent threat posed by cyber-criminals to sensitive data repositories.
The 2016 breach however highlighted the errors in the working of the companies like WorldCheck. This incident revealed that a former advisor to the U.K. government had been labelled as a “terrorism” risk by World-Check. Following this breach, banking giant HSBC took action by closing the bank accounts of several prominent British Muslims who had been similarly labelled in the World-Check database.
Who owns WorldCheck?
World-Check is currently owned by the London Stock Exchange Group following a $27 billion deal to buy financial data provider Refinitiv in 2021. LSEG collects information from public sources, including sanctions lists, government sources and news outlets, and then provides the database as a subscription to companies for conducting customer due diligence.
The fallout from the breach extends beyond security concerns, as WorldCheck’s practice of labelling individuals as high-risk has faced scrutiny in the past. The indiscriminate branding of individuals can lead to unintended consequences, such as financial exclusion, where individuals find themselves unable to open bank accounts or access essential financial services due to their inclusion in the database.
These incidences have grave consequences too.
In response to the breach, LSEG is collaborating with the affected third party to mitigate the impact and safeguard sensitive data. Efforts are underway to notify relevant authorities and stakeholders about the incident, as the global financial community braces for potential repercussions.
As the investigation unfolds, the WorldCheck breach serves as a stark reminder of the ongoing battle against cyber threats and the imperative of robust cybersecurity measures in safeguarding critical financial infrastructure. In an increasingly interconnected world, the protection of sensitive data remains paramount to preserving trust and integrity in the global financial system.