Email provider got hacked, data of millions of users now sold on the dark web

Source : getty images

Italian email provider Email.it confirms security breach.

The data of more than 600,000 Email.it users is currently being sold on the dark web.,

“Unfortunately, we must confirm that we have suffered a hacker attack,” the Italian email service provider said in a statement to ZDNet on Monday.

Failed extortion attempt

The Email.it hack came to light on Sunday, when the hackers went on Twitter to promote a website on the dark web where they were selling the company’s data.

The hackers — going by the name of NN (No Name) Hacking Group — claim the actual intrusion took place more than two years ago, in January 2018. We cite from their website:

We breached Email.it Datacenter more than 2 years ago and we plant ourself like an APT. We took any possible sensitive data from their server and after we choosen to give them a chance to patch their holes asking for a little bounty. They refused to talk with us and continued to trick their users/customers. They didn’t contacted their users/customers after breaches!

According to another message on their site, the hackers tried to extort Email.it on February 1, when they asked for “a little bounty.”

An Email.it spokesperson told ZDNet on Monday that the company declined to pay and instead notified the Italian Postal Police (CNAIPIC).

Following the failed extortion attempt, the hackers are now selling the company’s data for an asking price that varies between 0.5 and 3 bitcoin ($3,500 and $22,000).

.

emailit-db-dw.png
Image: ZDNet

The hackers claim to be in possession of 46 databases they stole from Email.it’s systems.

emailit-db.jpg
Image: ZDNet

 

The hackers also claim to be in possession of plaintext SMS messages sent through Email.it’s SMS-sending service.

Furthermore, the hackers also said they exfiltrated the source code of all Email.it’s web apps, including admin and customer-facing applications.

Email.it did not contest any of the claims on the hacker’s website. The only clarification the company made was to point out that no financial information was stored on the hacked server.

 

Reference : https://www.zdnet.com/google-amp/article/email-provider-got-hacked-data-of-600000-users-now-sold-on-the-dark-web/

 

Related posts

Leave a Comment