Email.it, an Italian email service provider has just disclosed a data breach into one of their servers. This breach led by a new hacking group called NN (No Name), claims to be compromising the server back in January 2018 and has been stealing data since then. Finally, they set-up the entire database for sale in a dark web forum, that contained over 600,000 customers data! This was after the Email.it refused to pay the bounty demanded by hackers.

Email.it Data Breach
Email.it Data Breach

Exfiltration and Extortion

Email.it is a fairly popular email provider, as it got hundreds of thousands of users already. The firm on Monday has opened about a critical data breach to ZDNet as, “Unfortunately, we must confirm that we have suffered a hacker attack.” Email.it has long stayed quiet regarding the breach, as it’s first known only after the NN hacking group reached Twitter for their promotions.

Snippets of breached records
Snippets of breached records

NN hacking group claims to be breaching into Email.it server more than two years ago, and been in there as APT. They have stolen every possible sensitive data and now, showed up in a dark web forum for selling! Their database consisted of records of more than 600,000 free users of Email.it. More specifically, the records include the username, password, sent/received emails along with their content and attachments! This whole data summed up to a few terabytes and is classified under various heads.

Email.it Database for sale
Email.it Database for sale

They’re now selling this bulk database for a price tag ranging from 0.5 BTC to 5 BTC, depending upon the package buyer chooses. The group claims to be contacting the Email.it in February this year and asked for a little bounty for the data. And when Email.it refused it, the NN group took up to dark web for selling and even using Twitter for promotions!

Email.it clarified that there’s no financial information stored in that server, thus no big worries. Further, the business email accounts were safe as they weren’t in that breached severe. The company has informed the incident to all relevant authorities, but haven’t reached to breached customers yet.

Via: ZDNet

LEAVE A REPLY

Please enter your comment!
Please enter your name here