Cybercriminal forum Maza was recently hit by a data breach that led to the leak of user information. Earlier this week, experts at Flashpoint found the breach suffered by Maza, (earlier called Mazafaka) that has been on the web since 2003. It is a reserved and strictly restricted platform for Russian hackers. The group is involved in carding, which involves the selling of stolen credit card/financial information on the web, besides this, the forum discusses spam, exploits, malware, phishing attacks, money laundering, and much more. The hackers posted a warning message "This forum has been hacked/Your data has been leaked," after the successful breach of the platform.
An anonymous user offered 14 million data from Amazon and eBay accounts on a prominent hacking website for dissemination. The details seem to have been obtained from customers of Amazon or eBay having accounts from 18 countries between 2014-2021.
The year 2020 had been a year that witnessed a lot of data leaks and hacks of assorted kinds for apps and websites. This time it was the turn of an Osaka headquarters video game developer company, Capcom that became the victim of a data breach and ransomware attack in November 2020. Not only the company but its users have also been compromised because of this attack. As a result of the ransomware attack, Capcom had to shut down its assorted parts of the network including its email and file services.
Broker Freedom Finance admitted the fact of hacking its internal network and stealing data leaks about 16,000 clients of the company for 2018. The founder and CEO of the company Timur Turlov announced this on Instagram.
He called the incident "an extremely unpleasant and shameful incident in information security", which occurred on December 24, and admitted: "We screwed up."
According to him, one employee of the company received a phishing email, which he opened and ran on the local machine despite the security warning. "And then all the weak points of our security were revealed," said Turlov.
“Cyber ransomware attacked a segment of our internal network and stole some data from the local machines of a number of employees in Russia. These are machines belonging to the employees of a Russian broker that provides access to the Russian stock market and almost the entire data packet is dated 2018,” wrote Turlov on his Instagram.
Almost no customers who opened accounts in the United States were affected. The broker's international clients were not affected either.
He assured that hackers did not get access to CRM, back-office reports, trading platform data, and also did not get customer passwords.
Turlov promised that the company will contact affected customers as soon as possible, tell them what documents have been made publicly available, and advise on how to minimize risks.
"Of course, now we have completely cleaned out the network and all local machines, have already rebuilt it, and are convinced that data is no longer leaking," assured he.
Turlov believes that the system was hacked to blackmail the company with media publicity and extort money.
"The company has decided to admit its mistake and not cooperate with criminals," said Turlov.
On November 24, Ashot Hovhannisyan, the founder of the Data Leakage & Breach Intelligence (DLBI) service, announced the appearance of Freedom Finance's customer data.