According to several media reports, a group of hackers who call themselves ‘Hack for Trump’ have tried to extort $30,000 USD after compromising a Bahamas-based financial services group.
Hack for Trump planned to publish the sensitive data it hoovered up from the Fidelity Bank breach, unless the bank coughed up the ransom.
The money is destined to support Trump’s presidential campaign, say the hackers.
Tribune Business received
the following statement:
“Our name is Hack For Trump and we wish to inform you that we hacked the website of Fidelity Group (fidelitygroup.com), an offshore bank with offices in the Cayman Islands and in the Bahamas.
“We did not get access to their customers’ financial data, but we managed to dump three databases serving their main website. This data contains various confidential details about the bank, as well as hundreds of e-mails sent by prospective and existing customers, both local and foreign ones.
“We demanded $30,000 from Fidelity Group, payable before Friday September 18, in exchange for not posting their databases on the Internet.
“If Fidelity does pay us, we plan on using those funds to help Donald Trump get elected to the White House, as he is the only candidate who can restore America to its former glory.”
Fidelity Bank’s chairman, Anwer Sunderji, confirmed
to Tribute Business that Hack for Trump made contact and demanded a ransom payment for not publically posting the hacked data online.
He said that the malfeasants “appeared to have hacked an external server that hosts Fidelity’s public website, adding that it holds ‘minimal information’.” The bank has been reassuring clients that there has been no widespread leak of personal financial data.
“We’re not going to pay them $30,000. It’s blackmail; a shakedown,” said the bank’s chairman.
Is it a worry that Fidelity’s chairman is sounding a little laissez-faire about the attack? He is quoted by the Tribute Business, saying “They hacked a vendor’s server, and got some information that’s not terribly important to us.” We can only hope the bank’s customers agree.
from the Nassau Guardian state data protection Commissioner Sharmie Farrington-Austin has launched an investigation into breach. She points out there there are four important elements for the data controller’s breach-management plan, “which she noted had been adopted from the United Kingdom.”
1. Containment and recovery
2. Risk assessment
3. Notification of breaches
4. Evaluation and response
Fidelity Bank is by no means the first company who suffered data loss, but it is the first extortion that I am aware of which is tied to supporting a presidential candidate. Trump is not new to online snafus. In August, his corporate website was reportedly hacked to give thanks to Daily Show’s then host, Jon Stewart.