GnosticPlayers

GnosticPlayers is a computer hacking group, which is believed to have been formed in 2019 and gained notability for hacking Zynga, Canva,  and several other online services.

The Independent reported that GnosticPlayers had claimed responsibility for hacking other online businesses, and stealing hundreds of millions of credentials from web databases such as MyFitnessPal, Dubsmash, and fourteen others; and subsequently selling these credentials on the dark web.

Reported members
In 2020, cybersecurity author Vinny Troia published a report listing the following core group members:


 * Maxime Tallet, who went under the aliases DDB, Casper, RawData and Pumpkin, was the seller of the group.
 * Nassim Benhaddou, who went under the alias Prosox, was a member of the group and was known to be Gabriel's early associate. According to Troia, Benhaddou later went on to form the group ShinyHunters.

In 2019, Nassim Benhaddou, Gabriel Kimiaie-Asadi Bildstein, as well as Maxime Tallet, were arrested after Gabriel confessed that they hacked Gatehub. The hack reportedly involved the theft of $9.5 million worth of cryptocurrency.

Companies affected
GnosticPlayers have taken public responsibility for the following data breaches:

500px • 8fit • 8tracks • Animoto • Armor Games • Artsy • Avito • BlankMediaGames • Bookmate • Bukalapak • Canva • Chegg • CoffeeMeetsBagel • Coinmama • Coubic • DailyBooth • DataCamp • DubSmash • Edmodo • Epic Games • Evite • EyeEm • Fotolog • GameSalad • Gatehub • Ge.tt • GfyCat • HauteLook • Houzz • iCracked • Ixigo • Legendas.tv • LifeBear • Live Journal • LovePlanet • mefeedia • MindJolt • MyFitnessPal • MyHeritage • MyVestigage • Netlog & Twoo • OMGPop • Onebip • Overblog • Petflow • PiZap • PromoFarma • RoadTrippers • Roll20 • ShareThis • Shein • Singlesnet • Solstice • Storenvy • StoryBird • StreetEasy • Stronghold Kingdoms • Taringa • Wanelo • WhitePages • Wirecard • Yanolja • Yatra • YouNow • Youthmanual • Zomato • Zynga

A report published by security research firm Night Lion Security states that the core members of GnosticPlayers (who are also connected with groups The Dark Overlord and Shiny Hunters) have been involved in 25% of non-credit card related data breaches between January 1, 2017 and June 30, 2020.