Hackers have released consumer data stolen from an online loan provider, after the company refused to pay an extortion fee.
"On June 12, AmeriCash Advance received a fax, telling us that part of our Web site had been hacked. The letter went on to demand initial payment of $15,000 from us," AmeriCash Advance, an online payday cash advance provider, said in a statement provided to CNET. "We immediately notified the appropriate authorities and promptly took steps to ensure that no other data could be accessed. We will not cave in to blackmail, and are cooperating fully with the authorities to protect our customers and bring these criminals to justice."
The breach was limited in scope, and the main concern is that the specific data exposed, which consists of names, e-mail addresses, last four digits of Social Security numbers, and the name of the customer's financial institution, could be used for phishing attacks, according to AmeriCash Advance.
"The section of the system that the criminals hacked into was the automatic e-mail responder section, the part of the system that sends an auto-reply to an applicant that their application has been received," the statement said. "We have notified those who have been affected and warned them to be vigilant. We are continuing to work closely with the authorities to identify the criminals."
A group of hackers calling themselves "RexMundi" announced the data dump on Twitter. RexMundi also has said it released data stolen from Belgian firms AGO-Interim and Dexia Bank, after they failed to pay extortion fees, threatening to release more data and increasing the amount of money demanded. Among others, the group said it had hacked the e-mail account of Taylor Lautner, a star in The Twilight Saga film series.
"To answer a popular question: We <3 hacktivists like @AnonymousPress . However, we're in it for the money, which is also pretty awesome," the RexMundi Twitter account said in one of its 44 tweets since the account was created on May 1. "How we miss the good old days of LulzSec."