Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack.
E27 described itself as Asia’s largest Tech media platform, it offers Asian technology startup news and a community where members can exchange opinions.
The company sent a security breach notification via email to its users.
“We regret this has taken place and apologise for any inconvenience this may have caused you.” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. We do not store any credit card or payment related information on our servers.” reads the notification sent to the users.
“The reason we are informing you is because we believe it’s the right thing to do and we want to be transparent. As a company, we believe that all community relationships must be built on trust and we want to be responsible members of the tech ecosystem. That is why we believe it is important to inform you of this incident,”
The company reported the incident to law enforcement and government authorities and it is awaiting their guidance.
According to BleepingComputer, the “Korean Hackers” group have stolen the source code and the data base of the company.
“In an email sent to BleepingComputer, the hacking group claims they stole “Source code” and a “Database – contains -> (emails, mobile, passwords, others docs, profile images, etc…. ).”” reported BleepingComputer.
“As proof of this attack, they provided images of the server’s file system and databases.”
The Korean Hackers group recently hacked Indian video on demand giant ZEE5 attackers and threatened to sell the database on the cybercrime underground markets.
Members of the E27 are recommended to change their password as soon as possible.
(SecurityAffairs – hacking, E27)