BreachExchange mailing list archives
Drake International the latest victim of hacking, extortion scheme against companies
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Thu, 10 Jan 2013 13:09:19 -0500
http://business.financialpost.com/2013/01/09/drake-international-confirms-database-with-user-information-hacked/ Drake International, the Canadian-based job placement firm, confirmed Wednesday that it has been the victim of a hacking scheme by a group seeking to extort payment in exchange for not releasing the personal information of people who have used Drake’s services. With offices in nine countries, Drake has become the latest victim in an increasingly common racket where companies face extortion threats from shadowy groups of hackers after a security breach. It’s a problem that may be too big for many businesses to solve themselves, but one they must address, or they face the risk of damage to their reputations and a potential loss of business. In the end I guess they’re bracing for the pain, but they’re doing the right thing Some “hacktivists,” such as the group that calls itself Anonymous, claim a moral or social purpose for their activities, seeking to bring corruption to light or hold governments’ feet to the fire. Others are just in it for the money. The hackers that contacted Drake on Monday, made their threats public Wednesday through the social media site Twitter, linking to a website where they outlined their demands for $50,000 to keep the stolen information private. They claim to have data on users from Canada, Australia, the United Kingdom and New Zealand. Tony Scala, vice-president of marketing and client service at Drake, confirmed that the hackers had obtained names, email addresses, phone numbers and even passwords. He said the company would be contacting its affected users by email, suggesting that they change their passwords. Drake has been in touch with police and has no plans to negotiate with the hackers, he said. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- Drake International the latest victim of hacking, extortion scheme against companies Erica Absetz (Jan 10)