Cyber Attack on HaveIBeenPwned leaks email data to hackers


HaveIBeenPwned serves as a platform for those who can search for their email address to find whether it was accessed by hackers via a data breach. But what if the platform itself gets infiltrated and leaks the whole of its database to cyber crooks?

Well, unconfirmed reports state that the entire database owned by the Microsoft Regional Director Troy Hunt was hacked by cyber criminals through an unknown vulnerability. And the whole of the data is in hands of threat actors who are now indulging in an extortion campaign threatening to leak the information if their demand for Bitcoins remains unheeded.

Troy is yet to confirm the incident, but one of his social media posts acknowledged it to a certain extent!

Hackers have released a news update that they now own the database filled with millions of email addresses that will be later sold to the highest bidder if the non-profit organization doesn’t bow to their demands.

Wait, the threat doesn’t end here! As the threat, actors added to their statement that they will start informing customers and business partners of the website about the hack to tarnish the image of the website on an international note.

The hackers seem to work with a vengeance, as they are threatening to use black hat SEO techniques to de-index the website in all countries, so that the website loses traffic forever.

A demand for $2500 BTC has been made by the criminals and if Troy and his staff miss the payment within a time frame of 72 hours, all the above stated threat tactics are sure to be implemented.

New hacking group named ‘Team Montesano’ has taken the claim of the attack and is apparently being linked to Lapsus$ Ransomware group.


Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display