Email provider hacked, data of 600,000 users now sold on the dark web

Data over 600,000 users is currently sold on the dark web, ZDNet learned after following a tip from one of our readers.

“Unfortunately, we have to confirm that we have suffered a hacker attack,” the Italian email service provider said on Monday in a statement to ZDNet.

Failed extortion attempt

The hack was revealed on Sunday when the hackers took to Twitter to promote a dark web website where they were selling company data.

The hackers, known as the NN (No Name) Hacking Group, claim that the actual intrusion took place over two years ago, in January 2018. We quote on their website:

We breached data center over 2 years ago and we are setting up as an APT. We took all the sensitive data possible from their server and after that we chose to give them a chance to fill their holes by asking for a small bonus. They refused to talk to us and continued to cheat on their users / customers. They did not contact their users / customers after violations!

According to another post on their site, the hackers attempted to extort on February 1, when they demanded “a small bounty”.

A spokesperson for told ZDNet on Monday that the company refused to pay and instead informed the Italian Postal Police (CNAIPIC).

Following the failed extortion attempt, hackers are now selling company data for a asking price ranging from 0.5 to 3 bitcoin ($ 3,500 to $ 22,000).


Image: ZDNet

The hackers claim to be in possession of 46 databases that they stole from systems.


Image: ZDNet

By NN, the databases contain information about users who have registered for a free email account.

Hackers claim the databases contain plain text passwords, security questions, email content and attachments for more than 600,000 users who signed up and used the service between 2007 and 2020.


Image: ZDNet


Image: ZDNet

Hackers also claim to be in possession of plain text SMS messages sent through’s SMS sending service.

In addition, the hackers also claimed to have exfiltrated the source code of all web applications, including administration and customer applications.


Image: ZDNet did not dispute any of the claims on the hacker’s website. The only clarification provided by the company was to point out that no financial information was stored on the hacked server.

“The attack only affected a server containing administrative data (billing addresses and data for service communications),” told ZDNet. [translated message].

The company said it immediately fixed the server and notified authorities, including the country’s local data privacy regulator. also told ZDNet that no business accounts were affected because the information about paying customers was not stored on the hacked server.

Source link

June J. Lopez

Leave a Reply

Your email address will not be published.