A hacker who was selling details of nearly 620 million online accounts stolen from 16 popular websites has now put up a second batch of 127 million records originating from 8 other sites for sale on the dark web. Last week, The Hacker News received an email from a Pakistani hacker who claims to have hacked dozens of popular websites (listed below) and selling their stolen databases online. During an interview with The Hacker News, the hacker also claimed that many targeted companies have probably no idea that they have been compromised and that their customers' data have already been sold to multiple cyber criminal groups and individuals. Package 1: Databases From 16 Compromised Websites On Sale In the first round, the hacker who goes by online alias "gnosticplayers" was selling details of 617 million accounts belonging to the following 16 compromised websites for less than $20,000 in Bitcoin on dark web marketplace Dream Market: Dubsmash — 162 million accounts MyFitnessPal — 151 million accounts MyHeritage — 92 million accounts ShareThis — 41 million accounts HauteLook — 28 million accounts Animoto — 25 million accounts EyeEm — 22 million accounts 8fit — 20 million accounts Whitepages — 18 million accounts Fotolog — 16 million accounts 500px — 15 million accounts Armor Games — 11 million accounts BookMate — 8 million accounts CoffeeMeetsBagel — 6 million accounts Artsy — 1 million accounts DataCamp — 700,000 accounts Out of these, the popular photo-sharing service 500px has confirmed that the company suffered a data breach in July last year and that personal data, including full names, usernames, email addresses, password hashes, location, birth date, and gender, for all the roughly 14.8 million users existed at the time was exposed online. Just yesterday, Artsy, DataCamp and CoffeeMeetsBagel have also confirmed that the companies were victims of a breach last year and that personal and account details of their customers was stolen by an unauthorized attacker. Diet tracking service MyFitnessPal, online genealogy platform MyHeritage and cloud-based video maker service Animoto had confirmed the data breaches last year. In response to the news, video-sharing app Dubsmash also issued a notice informing its users that they have launched an investigation and contacted law enforcement to look into the matter. Package 2: Hacked Databases From 8 More Websites On Sale While putting the second round of the stolen accounts up for sale on the Dream Market—one of the largest dark web marketplaces for illegal narcotics and drug paraphernalia—the hacker removed the collection of the first round to avoid them from getting leaked and land on security initiatives like Google's new Password Checkup tool. Gnosticplayers told The Hacker News in an email that the second round listed stolen data from 127 million accounts that belonged to the following 8 hacked websites, which was up for sale for $14,500 in bitcoin: Houzz — 57 million accounts YouNow — 40 million accounts Ixigo — 18 million accounts Stronghold Kingdoms — 5 million accounts Roll20.net — 4 million accounts Ge.tt — 1.83 million accounts Petflow and Vbulletin forum — 1.5 million accounts Coinmama (Cryptocurrency Exchange) — 420,000 accounts Of the above-listed websites, only Houzz has confirmed the security breach earlier this month that compromised its customers' public information and certain internal account information. Like the first round, the recent collection of 127 million stolen accounts has also been removed from the sale on the dark web. Though some of the services are resetting users' passwords after confirming its data was stolen, if you are a user of any of the above-listed services, you should consider changing your passwords in the event you re-used the same password across different websites.