Half a million stolen passwords, emails for sale on dark web

Hackers stole personal data from more than a half million users of an Italy-based email service and posted the purloined information for sale online.

The servers at email.it were hacked two years ago. They contained passwords, security questions and email contents.

"Unfortunately, we must confirm that we have suffered a hacker attack," Email.It said in a statement to ZDNet, which broke the story Sunday.

The hackers, who obtained data from servers dating to 2007, put the information up for sale on the dark web this year, on Feb. 1.

In a statement the hackers posted on their site, they appear to view the act as part of just another business transaction.

"We breached Email.it Datacenter more than 2 years ago and we plant ourself like an APT [Advanced Persistent Threat]," the hackers, who call themselves NN (No Name) Hacking Group, said. "We took any possible sensitive data from their server and after we choosen [sic] to give them a chance to patch their holes asking for a little bounty."

The email.it company refused to pay the "little bounty" and instead notified Italian postal police authorities. The exact extortion amount was not revealed.

Following their failure to blackmail the company, NN listed their stolen data. They say it includes 46 databases filled with sensitive information about 600,000 users of the free email service. The hackers are listing the databases at prices ranging from 0.5 to 3 bitcoins per file. That translates to between $3,500 and $22,000.

Officials at email.it said no financial information from users was stored on any of their servers.
"The attack only concerned a server with administrative data" such as billing addresses, officials said. They also said paid subscribers of their business service were not affected.

The company has patched its servers.

This latest intrusion is reminiscent of a massive email server assault just over a year ago at VFEmail. In that instance, hackers erased data on all U.S. servers containing primary and backup information, leading the company to announce: "We have suffered catastrophic destruction at the hands of a hacker."

Kaspersky Lab, a multinational cybersecurity firm, advises consumer victims of major email hacks to take the following actions:

• Run a deep scan on your hard drive and delete any tagged malware.
• Change passwords on sensitive accounts.
• Contact online services such as banks, credit card companies, entertainment accounts, etc.
• Notify friends and other personal contacts whose information may have been lifted from address books in the assault.
• Change security questions and answers.