Email.it, an Italian email service provider has just disclosed a data breach into one of their servers. This breach led by a new hacking group called NN (No Name), claims to be compromising the server back in January 2018 and has been stealing data since then. Finally, they set-up the entire database for sale in a dark web forum, that contained over 600,000 customers data! This was after the Email.it refused to pay the bounty demanded by hackers.
Exfiltration and Extortion
Email.it is a fairly popular email provider, as it got hundreds of thousands of users already. The firm on Monday has opened about a critical data breach to ZDNet as, “Unfortunately, we must confirm that we have suffered a hacker attack.” Email.it has long stayed quiet regarding the breach, as it’s first known only after the NN hacking group reached Twitter for their promotions.
NN hacking group claims to be breaching into Email.it server more than two years ago, and been in there as APT. They have stolen every possible sensitive data and now, showed up in a dark web forum for selling! Their database consisted of records of more than 600,000 free users of Email.it. More specifically, the records include the username, password, sent/received emails along with their content and attachments! This whole data summed up to a few terabytes and is classified under various heads.
They’re now selling this bulk database for a price tag ranging from 0.5 BTC to 5 BTC, depending upon the package buyer chooses. The group claims to be contacting the Email.it in February this year and asked for a little bounty for the data. And when Email.it refused it, the NN group took up to dark web for selling and even using Twitter for promotions!
Email.it clarified that there’s no financial information stored in that server, thus no big worries. Further, the business email accounts were safe as they weren’t in that breached severe. The company has informed the incident to all relevant authorities, but haven’t reached to breached customers yet.