Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack.
E27 described itself as Asia’s largest Tech media platform, it offers Asian technology startup news and a community where members can exchange opinions.
The company sent a security breach notification via email to its users.
“We regret this has taken place and apologise for any inconvenience this may have caused you.” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. We do not store any credit card or payment related information on our servers.” reads the notification sent to the users.
“The reason we are informing you is because we believe it’s the right thing to do and we want to be transparent. As a company, we believe that all community relationships must be built on trust and we want to be responsible members of the tech ecosystem. That is why we believe it is important to inform you of this incident,”
The company reported the incident to law enforcement and government authorities and it is awaiting their guidance.
According to BleepingComputer, the “Korean Hackers” group have stolen the source code and the data base of the company.
“In an email sent to BleepingComputer, the hacking group claims they stole “Source code” and a “Database – contains -> (emails, mobile, passwords, others docs, profile images, etc…. ).”” reported BleepingComputer.
“As proof of this attack, they provided images of the server’s file system and databases.”
The Korean Hackers group recently hacked Indian video on demand giant ZEE5 attackers and threatened to sell the database on the cybercrime underground markets.
Members of the E27 are recommended to change their password as soon as possible.
(SecurityAffairs – hacking, E27)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.