Data of More Than 600,000 Email.It Users Has Been Hacked and Sold on the Dark Web

Data breaches have been a constant plague on the IT industry for a long time now. It seems that there's not a week that passes without news of another critical one being reported by a major company, such as Equifax or Decathlon. But what's arguably worse is that those that are reported are not by any means the only ones that are happening. No, as a matter of fact, the majority of data breaches these days are not reported and are only made known to the wider public when the party responsible for the attack leaks or tries to sell the stolen information on the dark web. This is precisely what happened with the Email.it data breach.

It appears that way back in January 2018 the Italian email provider suffered an attack that left the data of more than 600,000 of its users in the hands of the cybercriminals responsible for it. And we're not talking about superficial data either – this included passwords, other security details, account details, emails, attachments of said emails, billing addresses, etc.

Predictably, the hackers first tried to extort "a little bounty" out of the company, but to their credit Email.it refused it and went to the police with information of the attack. What's not to their credit, however, is the fact that the company took so long to admit that the breach even happened to the people who could suffer the most from the event – the Email.it users.

"Unfortunately, we must confirm that we have suffered a hacker attack" is hardly the most reassuring thing Email .it could have said, but it could be argued that it needed to be said to the users as soon as possible, not years after the breach had happened, and months and months after it was discovered, after a failed extortion attempt and after all the stolen data was already released on the dark web, for the modest asking price of 0.5 Bitcoin.

To quote US Senator Tom Carper, "When hackers are able to obtain someone's personal information, the consequences are real." This represents a view of many current legislators, more and more of who are waking up to the problem of the lack of proper legislature that accounts for such occurrences. The push to ensure justice is meted out not only to those who would commit cybercrime but to those who cover it up and thus create dangerous situations seems to be gathering momentum.

CEOs of tech companies have been catching a lot of flak over similar issues from politicians. The perfect example of this is US Senator Maggie Hassan accusing Equifax that "You're doing things [only] after a major breach." And she does seem to have a point – it's a company's responsibility to keep the information entrusted by its customers safe, and out of the grubby hands of internet ne'er-do-wells.

Unfortunately, companies are all too often negligent in the fulfillment of this duty – and now Email .it has joined the ranks of those that have been found wanting. And after the gaffe is revealed, the excuse always seems to be the same story about how the stolen information wasn't really all that crucial, since the financial details of the customers were stored on another server or something.

So What can Email.it Users do to Keep Themselves Safe?

Well, seeing as how all the information that Email.it users had stored on the site is already out there, they must assume that anything they had on that account could be used against them. They would do well to monitor any and all activities related to that account very carefully.

It is advisable that Email.it users check their contacts and correspondence for anything untoward. Additionally, it is recommended that all Email.it users immediately change their passwords, as well as the passwords of any other site that they used their Email.it addresses as an alternative or recovery email. Needless to say, other accounts that share the same passwords, because there are likely to be some in spite of all recommendations, should likewise be updated with fresh passwords post haste. It is also advisable that threatened users enable multi-factor authentication on their accounts whenever the feature is available, just to make sure their accounts are safe.

By Giles
April 16, 2020
Computer Security
English
April 16, 2020
Computer Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

News

The Consequences of the 2019 Wawa Data Breach: Private Data of Millions Is Sold on the Dark Web

Last week, researchers from threat intelligence firm Gemini Advisory noticed that there was a new offer on Joker's Stash, one of the Dark Web's most popular marketplaces for stolen credit card details. It was posted... Read more

February 6, 2020
Tips

What Is the Dark Web and What to Do to Ensure That Personal Data Does Not End up There

The term 'dark web' seems to be one of the most widely misused concepts in the world of online security. Partly because some journalists don't fully understand how things work on the internet, and partly because it... Read more

November 8, 2018
News

Is Your Personal Data Among the 620 Million Accounts That Have Been Placed for Sale on the Dark Web?

What do you need if you want to get your hands on just over 617 million account records stolen from 16 different websites? We have a surprisingly specific answer. You need an internet connection, about $16 thousand... Read more

February 13, 2019
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.