Email.it Data Breach Exposes 600,000 Users’ Information for Sale on the Dark Web
According to a report by ZDNet, personal data belonging to 600,000 users of the email provider Email.it has been put up for sale on the dark web. Representatives from Email.it have confirmed that the breach is real and that user information was compromised.
Details of the Data Sale
The breach came to light over the past weekend when hackers began advertising on Twitter and on a dark web site, offering the stolen data for sale. The group behind the attack, calling themselves the NN (No Name) Hacking Group, claims that the actual breach occurred more than two years ago, in January 2018.
“We hacked the Email.it data center over two years ago and infiltrated it as an APT. We extracted all possible confidential data from their server, then decided to give them a chance to fix their security holes by demanding a small reward. They refused to communicate with us and continued to deceive their users/clients. They did not contact their users/clients after the breaches!” the hackers wrote.
Another message on the group’s site provides more details. According to them, on February 1, 2020, the hackers attempted to extort money from Email.it. Email.it representatives told ZDNet that the company did indeed refuse to pay the hackers and instead reported the incident to law enforcement authorities.
What Data Was Stolen?
The hackers are now trying to monetize the stolen information by selling user data for prices ranging from 0.5 to 3 bitcoins (about $3,500 to $22,000). The group claims to possess 46 databases stolen from Email.it.
The stolen databases reportedly contain information on users with free email accounts. The data dump is said to include unencrypted passwords, security questions, email contents, and attachments for more than 600,000 people who registered and used the service between 2007 and 2020. The hackers also claim to have obtained SMS messages sent through Email.it’s SMS service.
In addition to the data dump, the hackers boast that they managed to delete the source code for all Email.it web applications, including those for administrators and clients.
Email.it’s Response
During conversations with journalists, Email.it representatives did not deny the hackers’ claims. The company emphasized that the compromised server did not contain any financial information or data belonging to paying customers. The vulnerability on the previously affected server has reportedly been fixed.