Posted on April 7, 2020 at 6:36 PM
More than 600,000 user emails have been exposed and hacked from Italian email provider Email.it. Right now, the details of the hacked emails are sold on the dark web.
The Italian email service provider confirmed the situation yesterday. “Unfortunately, we must confirm that we have suffered a hacker attack,” Email.it revealed. The company also reiterated that no financial details were lost.
The situation of the hack on Email.it was revealed on Sunday when the hackers responsible for the hack started selling the compromised emails on the dark web and through Twitter. The hackers were also promoting their dark web through the social media platform.
According to the reports on the situation, the hackers have been identified as NN hacking group. The hackers, in their recent claims, said they began operation over two years ago, as stated in their dark website.
Accounts offered for sale after a failed bounty
From the information gathered from the dark web owned by the hackers, the group said the service provider’s datacenter was breached over two years ago when they planted their system like an APT. After breaching the server and data, the actors revealed that they gave Email.it the opportunity to reclaim their data and develop a patch for the vulnerability. In return, they asked for a little ransom.
NN hacking group reiterated that the email service provider did not respond to their request, but continued to deceive their customers/users that everything is in place.
The message also revealed that NN hackers decided to extort the email service provider on February 1 and requested for a bounty afterward. However, Email.it declined the request and instead reported them to the Italian Postal Police.
According to a spokesperson of Email.it, the hackers contacted the company and asked for a ransom before they could reclaim their compromised emails and develop a patch. But it was in the best interest of the company to decline at that time and report the case to the Italian police.
After the hackers failed in the extortion attempt, they decided to sell their loot to anyone interested. According to information available on the dark web, the company’s data are now sold to the public from 0.5 BTC ($3,500) to 3 BTC ($22,000).
Hackers stole 46 databases from Email.it
The hackers are claiming to be holding about 46 databases they took from the Email.it’s server. According to the NN hackers, the databases contain details about users who have signed up for a free Email.it accounts.
The databases contain email attachments, email content, security questions, and plaintext passwords of over 600,000 users. The users who are affected have been using the hacked account since 2007.
Apart from details of the users’ email accounts, the hackers reiterated that they have SMS messages sent via the SMS-sending service of Email.it.
Also, the hackers admitted that they infiltrated sources of all the web apps of Email.it, including customer-facing apps and admin apps.
Email.it did not deny any of the assertions made by the hackers on their website. But it was quick to point out that the stolen databases do not contain any financial information, and does not significantly affect the company.
Email accounts of paid users are not affected
The company reiterated that the attack only affected administrative data, including data for service communications and billing addresses. It told reporters that it has already patched the server and informed authorities for further investigations.
Email.it also stated that there was no business account affected since information about paid users is not usually stored on the hacked server.