Cyber crooks are offering for sale more than 30 SQL databases stolen from e-commerce shops from various countries. According to Bleeping Computer, malicious actors search for insecure servers exposed online, compromise them and leave a ransom note after copying the data from hacked servers.

Crooks are threatening to leak the content of the database if the victims don’t pay BTC 0.06 (approx. $534 at current price) in ten days. The ransom notes included several wallets that received more than 100 transactions for a total of BTC 5.8 ($51,633 at current price).

“The number of abuse reports for these two wallets is over 200, the oldest being from September 20, 2019. The most recent one is from May 20 and this month alone there were nine reports, indicating that the actor is highly active,” Bleeping Computer wrote.

The seller is offering 31 databases, more than half of which are from online shops in Germany, other compromised databases are from Brazil, the U.S., Italy, India, Spain, and Belarus. The hacked online shops were running Shopware, JTL-Shop, PrestaShop, OpenCart, Magento v1 and v2 e-commerce platforms.

The databases contain in total 1,620,000 rows, and depending on the store, the information includes email addresses, names, hashed passwords, postal addresses, gender, and dates of birth.