Concise Summary:
HaveIBeenPwned, a platform that helps individuals check if their email was compromised in data breaches, experienced a significant security breach. Unconfirmed reports indicate that hackers exploited an unknown vulnerability in the platform’s database owned by Microsoft Regional Director Troy Hunt to gain access to the entire database containing millions of email addresses. The attackers are now threatening to leak this information unless they receive a Bitcoin payment of $2500 within 72 hours. They also plan to inform website customers and partners about the hack, potentially damaging the platform’s reputation. The hackers claim to be affiliated with the Lapsus$ ransomware group, further raising concerns about the severity of the situation. This incident highlights the vulnerability of even trusted platforms and the ongoing threat of cyberattacks against individuals and organizations.
Key Points:
- The HaveIBeenPwned platform, which helps individuals check if their email address was compromised in a data breach, was hacked by cyber criminals.
- A hacking group, “Team Montesano”, has claimed responsibility for the attack and is suspected to be linked to the Lapsus$ ransomware group.
- The hackers have gained access to the entire database owned by Microsoft Regional Director Troy Hunt and are demanding Bitcoin as ransom.
- If the non-profit organization does not comply with the ransom demand, the hackers threaten to leak all of the compromised email addresses on the internet and damage the organization’s reputation worldwide.
- The hackers also aim to deindex the website from search engines using black hat SEO techniques, potentially crippling the platform’s traffic permanently.
Archive Links:
12ft: https://12ft.io/https://www.cybersecurity-insiders.com/cyber-attack-on-haveibeenpwned-leaks-email-data-to-hackers/
archive.org: HaveIBeenPwned Cyber Attack Leaks Email Data to Hackers
archive.is: https://archive.is/https://www.cybersecurity-insiders.com/cyber-attack-on-haveibeenpwned-leaks-email-data-to-hackers/
archive.ph: https://archive.ph/https://www.cybersecurity-insiders.com/cyber-attack-on-haveibeenpwned-leaks-email-data-to-hackers/
archive.today: https://archive.today/https://www.cybersecurity-insiders.com/cyber-attack-on-haveibeenpwned-leaks-email-data-to-hackers/
Original Link: https://www.cybersecurity-insiders.com/cyber-attack-on-haveibeenpwned-leaks-email-data-to-hackers/
User Message: Cyber Attack on HaveIBeenPwned leaks email data to hackers - Cybersecurity Insiders
For more on bypassing paywalls, see the post on bypassing methods