Italian Email provider Got Hacked, Data of 600,000 Users Sold on the Dark Web

Mail server

Email.it confirms security breach. More than 600,000 users of Email.it are currently being sold on the dark web.

“Unfortunately, we must confirm that we have suffered a hacker attack,” the Italian email service provider said on Monday.

On Sunday, the hacker Email.it came out on Twitter for a website on the Dark Web that sold the data of the company.

The hackers, called NN (No Name) Hacking Team, say the actual intrusion took place in January 2018 more than two years ago. We quote from your website:

According to Email.it

We breached Email.it Datacenter more than 2 years ago and we plant ourself like an APT. We took any possible sensitive data from their server and after we choosen to give them a chance to patch their holes asking for a little bounty. They refused to talk with us and continued to trick their users/customers. They didn’t contacted their users/customers after breaches!

On 1 February, the hackers attempted to extort Email.it when they demanded “a little reward,” according to another message from their website. A representative for Email on Monday told that the company was denied payment but then told the Italian Postal Police (CNAIPIC).

After the failed ransom attempt, the hackers now sell company data for a demanded price of 0.5 to 3 bitcoins ($3,500 and $22,000).

emailit-db-dw
credit; ZDNet

The hackers claim to have 46 databases from Email.it’s systems they stole.

The databases contain information about users who have signed up for a free email.it accounts via NN.

The databases include plaintext passwords, security questions, e-mail information, and email attachments for over 600,000 users who registered and used the service from 2007 to 2020.

Email.it did not deny any of the arguments on the website of the hacker. The company’s only explanation was that no financial information was kept on the compromised computer.

“The attack only concerned a server with administrative data (billing addresses and data for service communications),”

The company confirmed that it patched the server and informed the authorities, including the local data protection regulator of the region.

Email.it also told that no company accounts were compromised as paying customer information was not stored in the hacked server.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.