Tag Archive for: Shuts

Discord.io Temporarily Shuts Down After Hack, Promises Security Overhaul

/in


A third-party service that let thousands of users create custom invites for Discord is temporarily shutting down following a hack.

Discord.io on Tuesday confirmed it suffered a “major data breach,” which resulted in a hacker downloading its entire database. “We were made aware of the breach later on in the day, and after confirming the content of the breach, we decided to shut down all services and operations,” Discord.io said in an announcement. 

The hacker, who goes by the name “Akhirah,” claims to have stolen data on 760,000 Discord.io users. Akhirah says the hack was motivated in part by the fact that Discord.io allegedly links to child sexual abuse material. The hacker tells Bleeping Computer they would be open to keeping the stolen information private if Discord.io deletes those links, but the stolen data is also currently available for sale on a hacking forum.

Discord.io says it’s “still investigating the breach, but we believe that the breach was caused by a vulnerability in our website’s code, which allowed an attacker to gain access to our database.”

The good news is that affected users don’t need to change their passwords on Discord itself because Discord.io was only storing Discord user IDs, not any Discord authentication tokens. 

Still, the hacker stole email addresses associated with Discord.io users, along with the billing addresses of those who made purchases on the service before it started using the Stripe and PayPal payments platform. 

In addition, a small number of users who signed up with Discord.io prior to 2018 had their password information stolen. However, the stolen password data was salted and hashed. “While your password was encrypted to industry standards, if it was not unique, we urge you to update any other site that might have used this password,” Discord.io adds.  

Although Discord.io has temporarily shut down, the service plans on returning with stronger security in place. “This will include a complete rewrite of our website’s code, as well as a complete overhaul of our security practices,” it says. 

Source…

Spyware maker LetMeSpy shuts down after hacker deletes server data

/in


Image Credits: JakeOlimb / Getty Images

Poland-based spyware LetMeSpy is no longer operational and said it will shut down after a June data breach wiped out its servers, including its huge trove of data stolen from thousands of victims’ phones.

In a notice on its website in both English and Polish, LetMeSpy confirmed the “permanent shutdown” of the spyware service and that it would cease operations by the end of August. The notice said LetMeSpy is blocking users from logging in or signing up with new accounts.

A separate notice on LetMeSpy’s former login page, which no longer functions, confirmed earlier reports that the hacker who breached the spyware operation also deleted the data on its servers.

“The breach consisted of unauthorized access to the LetMeSpy website’s database, downloading and at the same time deleting data from the website by the author of the attack,” the notice reads.

LetMeSpy’s app no longer functions, a network traffic analysis by TechCrunch shows, and the spyware maker’s website no longer provides the spyware app for download.

LetMeSpy was an Android phone monitoring app that was purposefully designed to stay hidden on a victim’s phone home screen, making the app difficult to detect and remove. When planted on a person’s phone — often by someone with knowledge of their phone passcode — apps like LetMeSpy continually steal that person’s messages, call logs and real-time location data.

A copy of the database was obtained by nonprofit transparency collective DDoSecrets, which indexes leaked datasets in the public interest, and shared with TechCrunch for analysis. The data showed that LetMeSpy, until recently, had been used to steal data from more than 13,000 compromised Android devices worldwide, though LetMeSpy’s website claimed prior to the breach that it controlled more than 236,000 devices.

The database also contained information that shows the spyware was developed by a Krakow-based tech company called Radeal, whose chief executive Rafal Lidwin did not respond to a request for comment.

LetMeSpy is the latest spyware operation to shut down in the past year in the wake of a security incident that exposed…

Source…

Guadeloupe shuts down computer networks after major cyberattack

/in


The French Caribbean island of Guadeloupe has shut down all its computer networks to protect data after a “large-scale cyberattack”, local authorities said Monday.

“As a security measure, all computer networks have been shut down to protect data and a diagnosis is underway,” the French overseas region said in a statement on Monday.

“A continuity of services plan has been put in place to ensure public services,” the regional authorities said, adding they had filed a complaint and sent a notification to the French data protection authority CNIL.

The region said it was also collaborating with the national police and the gendarmerie.

Guadeloupe is the latest French region to be hit by a cyberattack in recent months.

Hackers crippled a hospital near Paris in August and released patient data after the institution refused to pay a multimillion dollar ransom.

The port city of Caen in northwest France was hit at the end of September while the departments of Seine-Maritime and Seine-et-Marne were targeted in October and November respectively.

Read also:

Read more on RFI English

Read also:
French senator, former football boss hacked for criticising Qatar
France’s Thales says hackers claim to have stolen data
Hackers demand $10m to end cyber attack on Paris regional hospital

Source…

The Works hit by hackers, UK retailer shuts some stores after problems with payment tills

/in


UK high street retailer The Works has shut some of its stores following a “cyber security incident” which saw hackers gain unauthorised access to its systems.

According to a statement issued by the firm, which has over 500 stores across the country selling a range of cut-price books, art and craft materials, gifts, and stationery, the attack has caused issues with payment tills which have forced the closure of some stores:

There has been some limited disruption to trading and business operations, including the closure of some stores due to till issues. Replenishment deliveries to the Group’s stores were suspended temporarily and the normal delivery window for the fulfilment of online orders was extended, but store deliveries are expected to resume imminently and the normal online service levels are progressively being reintroduced.

While customers are experiencing longer delivery times for online orders, some stores are reported to only be accepting cash.

According to the retailer, customers have not had their payment card details exposed as a result of the security breach:

“All debit and credit card payment data are processed securely outside the group’s systems, via accredited third-party networks, and, therefore, there is no risk that this payment data has been accessed improperly.”

The Works says that it was “alerted to the incident by the operation of its security firewall,” and has disabled all internal and external access to its systems – including email – while it investigates the hack with an external team of cybersecurity experts.

In its statement, The Works has not confirmed that it suffered a ransomware attack and there is no indication that it has received a demand for cash from its attackers.

However, some media outlets are claiming that sources close to the incident are saying that computer systems were hit with ransomware after an employee fell victim to a malicious email.

The Works says that it has “made some immediate protective changes to further strengthen its security position,” and has informed the Information Commissioner’s Office (ICO) in case any customer data might have been exposed by the breach.

Source…