Mega-hack of celebrities exposes social security numbers, credit reports, and more...

Filed Under: Celebrities, Featured, Hacked, Law & order, Privacy

Beyoncé. Image from ShutterstockWhat connects Kim Kardashian, US Vice President Joe Biden, Hillary Clinton, Mel Gibson, Michelle Obama, Ashton Kutcher, Jay Z, Beyoncé, Paris Hilton, Britney Spears, Sarah Palin, Hulk Hogan, Donald Trump and Arnold Schwarzenegger?

They, and other public figures, appear to have had their personal information and credit reports (including social security numbers, details of their mortgages, addresses, and details of their credit card and banking details) published by a group of hackers on a new website.

Clearly alarm bells have rung about the danger of identity theft.

And do you know what the hackers did to really rub the authorities nose in it?

They included in their list of victims the head of the Los Angeles police force Charlie Beck and FBI Director Robert Mueller.

Secret files

The Secret Files - "If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve."

This isn't the kind of data we normally see leaked out onto the internet about celebrities. It's become more common to see hackers steal nude photos of Scarlett Johansson or Carley Rae Jepsen and publish them on the net to embarrass celebrities.

Well, the credit reports and social security numbers of public figures may not be as likely to catch the attention of the tabloids as leaked nude pics, but is nonetheless still a concern for those who have fallen victim.

The obvious question is - who is behind the website?

Frankly, there's not much to go on.

We have seen two tweets written in Russian from an account which appears to be associated with the site, and the words on the newly created website itself.

It looks as though the hackers have been adding more stolen personal information to the site over time, which might suggest that there could still be more to come.

The nature of the content - names, social security numbers, previous addresses, dates of birth, etc - suggest that a credit agency might have been compromised in some fashion. Whether an agency was actually hacked, compromised in some other fashion, or whether an insider within the organization leaked the data, is impossible to say at this point.

.SU domain TLDWe shouldn't also be too quick to conclude that just because the web address (which we are choosing not to repeat here) ends in .su, or the language used in the tweets is Russian, that the hackers come from that part of the world.

After all, it could be a deliberate smokescreen by the hackers to send investigators off the trail.

One word of caution - websites claiming to contain private information about celebrities are likely to receive a lot of traffic from curious members of the public, and some in the media may publish the web address.

Computer users, however, should be extremely careful about visiting such sites. After all, it would be trivial to plant a boobytrapped PDF on the site designed to infect visiting computers.

Over the last year or two we have seen many dangerous and cybercriminal websites switch from using .ru addresses to .su - where they are less closely regulated.

Update: Equifax and TransUnion say hackers stole celebrity reports

Beyoncé image from Shutterstock.

, , , , , , , , , , , , , , , , , , ,

You might like

6 Responses to Mega-hack of celebrities exposes social security numbers, credit reports, and more...

  1. Nigel · 944 days ago

    Well, this won't really solve the problem, but ICANN should have terminated the .su domain when the Soviet Union ceased to exist. The .su domain adminstrator --- Russian Institute for Public Networks (RIPN) --- has been accepting new registrations since 2001, and .su registrations have skyrocketed in recent years.

    RIPN's mission to support open communication in Russia seems reasonable and legitimate, but I guess this is another case wherein freedom inevitably potentiates the good and the not so good.

  2. Ronald · 944 days ago

    Hello Graham. Thanks for your post. Just wondering, do you update old posts when new information is found? I am really interested in the details of how attacks are carried out, and how the attackers accomplished what they did.

  3. Mark · 944 days ago

    Can you get malware simply from visiting the site without downloading anything?

  4. It looks like an organized operation with data collected from multiple sources and probably crafted by a well funded department.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley