Hackers Leak 1.5M Users’ Details from Esports Site After Failed Ransom

Hackers Leak 1.5M Users’ Details from Esports Site After Failed Ransom

The details and personal information of over 1.5 million accounts in the care of the E-Sports Entetainment Association (ESEA) have been leaked online, after the company refused the random demands of hackers.

“The security breach that we were made aware of on December 27, 2016 resulted in the theft of user data by a threat actor,” reads the official statement from the ESEA. “This threat actor demanded a ransom payment and threatened to sell or publish the customer data. We do not give into extortion and ransom demands and we take the security of customers’ data very seriously.”

“In addition to investigating the incident and reporting it to the authorities, we have been working to isolate the vector attack and secure the vulnerability,” it continues. “This has led to some recent system downtime, for which we apologize and which we aim to keep to a minimum in the coming days.”

In an FAQ, the ESEA recommends that users change their passwords and security questions across all other accounts that might be using similar information. Compromised information includes usernames, emails, private messages, IPs, mobile numbers, forum posts, hashed passwords, and hashed secret question answers.

The ESEA was contacted on December 27 by the hackers, with a random demand of $100,000 USD. The company worked to patch the security loophole, informed their community, and on December 30 contacted the FBI to investigate.

The hackers leaked the information on January 8 when the ESEA refused their demands.

Source: Polygon



 

Relevant Articles

 

Comments Comments (6)

 
Posted by Xenojay
On Wednesday 11 Jan 2017 9:51 AM
1
So they were serious...

Boy, people are gonna be P*SSED with the ESEA, hahahaha.
 
 
 
Posted by AdamC
On Wednesday 11 Jan 2017 10:20 AM
2
People would be pissed if they paid them too. Moral of the story is get better security and make sure the hackers get what's coming
 
 
 
Posted by SpawnSeekSlay
On Wednesday 11 Jan 2017 11:25 AM
-
Well obviously they dont "take the security of customers’ data very seriously" if a) they didnt pay the demands (which im glad they didnt or it would only entice more of this behaviour) and b) there was a clear loophole in their system to hack and get the info (if they were serious the system would be checked and constantly rechecked by hack security firms)
 
 
 
Posted by Syn-Ryn
On Wednesday 11 Jan 2017 12:24 PM
1
Well at least ESEA wasn't secretly mining bitcoins on users computers this time.
 
 
 
Posted by jtbthatsme
On Wednesday 11 Jan 2017 9:07 PM
-
As annoying as it would be for those that have had their info leaked it is good they didn't pay this ransom. Good hackers can access any system if they want to. If they'd paid it would certainly encouraged more of this type of behaviour and still wouldn't guarantee they wouldn't release the info. Hope they get caught.
 
 
 
thomasammy15
Posted by thomasammy15
On Thursday 12 Jan 2017 4:40 PM
-1
11 January 2017, 09:51 AM Reply to Xenojay
So they were serious...

Boy, people are gonna be P*SSED with the ESEA, hahahaha.
my buddy's mom makes $77 hourly on the computer . She has been laid off for five months but last month her check was $18713 just working on the computer for a few hours. try this web-site

======= http://www.JobNews80.Com