Patreon hack victims hit by extortionists

KraysA group which has been extorting victims of Ashley Madison hack has moved on to those who had their data exposed in the Patreon hack.

DD4BC which has a history of extortion and DDoS attacks has been sending out emails to those who were hit in the Patreon hack to demand a bitcoin is sent to them or the Patreon user will have their personal information exposed:

“Unfortunately, your data was leaked in the recent hacking of the Patreon web site and I now have your information. I have your tax id, tax forms, SSN, DOB, Name, Address, Credit card details and more sensitive data. Now, I can go ahead and leak your details online which would damage your credit score like hell and would create a lot of problems for you.”

So far it has been not quite, but totally unsuccessful as Patreon are not as frightened of exposure as the Ashley Madison users who were often worried about having affairs exposed.

Patreon, who by all accounts has done a decent job dealing with the breach since it was announced in September, warned users an email addressing the recent extortion attempts.

The letter, penned by Jack Conte, Patreon’s CEO and co-founder, debunks the scam and informs users that the company is working with law enforcement on the matter.

“I learned yesterday evening that some Patreon users have been receiving a scam email. The sender claims to have the recipient’s SSN, credit card number and other personal information. I want to assure everyone that the claims in this email are false, and we are already working with federal law enforcement.

Tax forms we store are securely encrypted with RSA 2048-bit encryption, and we do not store full credit card numbers. If you receive this email I suggest you flag it as spam and ignore any further emails. Do not reply, he said.