What connects Kim Kardashian, US Vice President Joe Biden, Hillary Clinton, Mel Gibson, Michelle Obama, Ashton Kutcher, Jay Z, Beyoncé, Paris Hilton, Britney Spears, Sarah Palin, Hulk Hogan, Donald Trump and Arnold Schwarzenegger?
They, and other public figures, appear to have had their personal information and credit reports (including social security numbers, mortgage details, addresses, and credit card and banking details) published by a group of hackers on a new website.
Clearly alarm bells have rung about the danger of identity theft.
And do you know what the hackers did to really rub the authorities' noses in it?
They included in their list of victims the head of the Los Angeles police force Charlie Beck and FBI Director Robert Mueller.
The Secret Files - "If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve."
This isn’t the kind of data we normally see leaked out onto the internet about celebrities. It’s become more common to see hackers steal nude photos of Scarlett Johansson or Carly Rae Jepsen and publish them on the net to embarrass celebrities.
Well, the credit reports and social security numbers of public figures may not be as likely to catch the attention of the tabloids as leaked nude pics, but they are nonetheless still a concern for those who have fallen victim.
The obvious question is – who is behind the website?
Frankly, there’s not much to go on.
We have seen two tweets written in Russian from an account which appears to be associated with the site, and the words on the newly created website itself.
It looks as though the hackers have been adding more stolen personal information to the site over time, which might suggest that there could still be more to come.
The nature of the content – names, social security numbers, previous addresses, dates of birth, etc – suggests that a credit agency might have been compromised in some fashion. Whether an agency was actually hacked, compromised in some other fashion, or whether an insider within the organization leaked the data, is impossible to say at this point.
We also shouldn’t be too quick to conclude, just because the web address (which we are choosing not to repeat here) ends in .su, or the language used in the tweets is Russian, that the hackers come from that part of the world.
After all, it could be a deliberate smokescreen by the hackers to send investigators off the trail.
One word of caution – websites claiming to contain private information about celebrities are likely to receive a lot of traffic from curious members of the public, and some in the media may publish the web address.
Computer users, however, should be extremely careful about visiting such sites. After all, it would be trivial to plant a boobytrapped PDF on the site designed to infect visiting computers.
Over the last year or two we have seen many dangerous and cybercriminal websites switch from using .ru addresses to .su – where they are less closely regulated.
Update: Equifax and TransUnion say hackers stole celebrity reports
Beyoncé image from Shutterstock.
6 comments on “Mega-hack of celebrities exposes social security numbers, credit reports, and more…”
Well, this won't really solve the problem, but ICANN should have terminated the .su domain when the Soviet Union ceased to exist. The .su domain administrator — Russian Institute for Public Networks (RIPN) — has been accepting new registrations since 2001, and .su registrations have skyrocketed in recent years.
RIPN's mission to support open communication in Russia seems reasonable and legitimate, but I guess this is another case wherein freedom inevitably potentiates the good and the not so good.
Hello Graham. Thanks for your post. Just wondering, do you update old posts when new information is found? I am really interested in the details of how attacks are carried out, and how the attackers accomplished what they did.
It appears that more details are beginning to emerge:
Can you get malware simply from visiting the site without downloading anything?
We haven’t seen any malware on the website. However, we would still not recommend visiting it.
It looks like an organized operation with data collected from multiple sources and probably crafted by a well funded department.