Asian media firm E27 has become the latest organisation to fall victim to a cyberattack. According to Bleeping Computer, hackers are currently demanding for a small “donation” to provide information on the vulnerabilities they have used in the attack.
On Friday, June 26, company CEO Mohan Belani revealed the incident via an email notification sent to their members. According to Belani, the incident, which he described being a “malicious cyber attack,” happened Thursday, only a day before the notification was sent.
“We regret this has taken place and apologise for any inconvenience this may have caused you,” the email reads.
According to E27, the company uses Facebook and LinkedIn for account login and doesn’t store passwords on its system.
“If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. We do not store any credit card or payment related information on our servers,” it added.
Founded in 2007, E27 claims to be Asia’s largest Tech media platform. Specifically, with its platform, start-ups can share insights, get news, broaden their connections, hire talents, and seize funding opportunities.
The latest cyberattack, according to Bleeping Computer, was conducted by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”. In an email sent to the online news outlet, the hacking group claimed to have stolen source code and a database containing emails, mobile, passwords, and other data from the company.
“As proof of this attack, they provided images of the server’s file system and databases,” Bleeping Computer wrote.
Earlier this month, the same hacking group claimed to have breached the systems of Indian video-on-demand service ZEE5 and threatened to sell the company’s database on the underground market. To date, the team is asking E27 for a “small donation” in exchange for the information on how they breached the company and how E27 can fix the vulnerabilities.
In a statement to Bleeping Computer, E27 CEO Belani said that the company has already alerted the relevant government and law enforcement authorities about the breach.
“Our primary focus right now is to work with our various stakeholders to get the platform fully up and running so that we can serve our users and focus on our Mission. We are thankful to be working with various community leaders in the cybersecurity space who have reached out with support and guidance and offered a lot of support,” he explained.