Italian Email Service Provider breached – Stolen DB now on dark web

April 15, 2020

Email.It, an Italian company, provides professional electronic mail services and electronic mail management systems for companies, service professionals, and individual users.

Their wholly-owned email management systems run on a private cloud hosted in several locations within and close to Italy. The infrastructure includes the latest in internet and server technology, phone systems, independent power distribution, online generators, and a reliable backup system.

Yet, for all of that, the business became just another target for a hacking group called NN Hacking Group (NN = NoName). The group has claimed the intrusion and confirmed a data breach dating back to 2018. Proof of the intrusion was provided via a Twitter post, which included photos and other information related to the breach. They added that the stolen data contains records of active users registered since 2017.

According to the NN Hacking Group, they performed the intrusion two years ago and took every piece of protected data they could find on the Italian company’s servers to hold for ransom. They also reached out to Email.It to let the company reclaim what was stolen, all in exchange for a small amount, of course.

These user records are now posted for sale on the Dark Web: all 44 databases, containing usernames, passwords, email account security questions, private/personal email exchanges, and plaintext SMS (short messaging service) messages, including file attachments, are up for grabs. The hacking group's methods in the breach involved SQL injections, admin privilege escalation issues, variable code executions, etc.

The hacking group also claims that Email.It refused to speak to them about the breached database and refused to inform its customers, even after confirming that their information was indeed stolen. This might be because the stolen data are from the free users, the hacking group said. Email.It has confirmed that the paid professional accounts have not been harmed and that no financial information of any kind was stolen from them.

After confirming that Email.It had secured its servers and altogether refused to pay the ransom, the hacking group ultimately decided to put the stolen data up for sale on the Dark Web. The data are sold for Bitcoin; when converted, prices range from upwards of US$3,000 for a 350 MB database to well over US$20,000 for 5 TB worth of data. According to the hacking group, the accumulated user data are guaranteed to be up to date, with information from the database dated up until 2020.

In another bold and as yet unconfirmed claim, the NN Hacking Group says they have attacked and are continuously attacking other service providers, but that so far Email.It was the absolute worst in terms of internet and server security and customer protection. Of course, they might just be saying that because they were refused payment of the ransom. We’ll never know.

It always pays to equip yourself with robust cybersecurity, one that can help not just with these types of intrusions, but with your everyday operations. iZOOlogic is at the forefront of real-time threat intelligence and security solutions, including risk management. The perfect ally in today’s digital world.
