Category: Computer Investigations
13 January, 2016
Thousands of fans of legendary dance band Faithless have had their data stolen as the result of a security breach on the act's official website, according to reports.
Perhaps even more worrying for fans is the news that even though the breach at faithless.co.uk was reported by the band's representatives this week (January 10th), it was actually first spotted in September of last year by a cyber security company.
Cyberprint, which discovered the hacking incident, said that as many as 18,000 of the band's fans may have had their data stolen, including information such as email addresses and passwords. It added that some of the data taken was made available for sale on the dark web.
The company said the attack was caused by hackers ploading malware through SQL injection on the site, which allows the attackers to execute malicious SQL commands, which control the website's database server.
Elad Ben-Meir, vice-president of marketing at Cyberprint, told the Independent: “We have a system that collects cyber threat intelligence in real time, and as part of our work we uncovered a Faithless database being sold on the dark web, and we flagged it up with them.
“I think they fixed the issue but they didn’t quite go out and tell anyone that, so that leaves their fans, about 18,000 people, unaware that their private information has been compromised," he went on to say.
This latest hack is not the first time music fans have been the target of an attack in recent months. In December, fans of singer Adele who were queuing online for tickets to her recently announced tour were shown the basket's and details, of other people trying to buy as a result of the site's security being compromised.