Italian Email Provider Email.it Breached; Data for Sale on Dark Web

While Email.it claims that customer payment information was not exposed, that does not mean that impacted customers are safe from fraud as CSO and VP James Carder of LogRhythm Labs points out: “Email.it’s claim that no financial information was stored on the hacked server isn’t completely accurate. It’s likely that some of their customers shared sensitive data in the body of an email or in attachments. This very well could have included financial details, like bank statements and social security numbers, or even copies of driver’s licenses, pictures of their families, or other personal documents and information that could be exploited. Therefore, the attackers gained unfettered access to this information, bypassing any security and encryption controls in use – assuming there were some.”