Patreon hack victims are being ordered to pay a ransom to save their data

Last month popular crowd-funding site 'Patreon' saw a large-scale breach, which lead to the publication of nearly 15 gigabytes of customer data, constructed from names, addresses and donations. While a large amount of data was extracted as a result of this breach, representatives of the site reassured victims that credit card details were never exposed. Other data such as passwords, social security numbers and tax forms were stolen, but were heavily encrypted with a 2048-bit RSA key.

An email is now being distributed to victims of the hack, requesting bitcoins in order to save their leaked data. The extortionist is requesting 1 bitcoin in order to save customer details, which must be sent to a supplied bitcoin address. Upon further investigation it appears that the attached bitcoin address has seen almost no donations. The full version of the email can viewed below, shared by a victim of the hack.

It is unlikely that the above the email has been distributed by an individual related to the hack itself, and is rather a extortionist piggybacking on victim's privacy concerns. With the recent increase in 'ransomware', monetary demands to protect data have started to become a common occurrence. As with many incidents, this is most likely an attempt to scare victims into paying out bitcoin, rather than a danger to privacy. As the leaked data is already public, and the sender has distributed this email with a common bitcoin address, it is safe assume this is a small threat, if any.

Source: TechCrunch

Report a problem with article
Next Article

Microsoft suddenly decides not to offer Windows 10 November update via Media Creation Tool

Previous Article

Fake "Tweetium" beta on the Windows 10 Mobile app store stealing users passwords

9 Comments - Add comment