DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Hit with extortion demand after job applicants’ data hacked, Drake International refuses to pay

Posted on January 9, 2013 by Dissent

Christine Dobby reports:

Drake International, the Canadian-based job placement firm, confirmed Wednesday that it has been the victim of a hacking scheme by a group seeking to extort payment in exchange for not releasing the personal information of people who have used Drake’s services.

[…]

The hackers that contacted Drake on Monday, made their threats public Wednesday through the social media site Twitter, linking to a website where they outlined their demands for $50,000 to keep the stolen information private. They claim to have data on users from Canada, Australia, the United Kingdom and New Zealand.

Tony Scala, vice-president of marketing and client service at Drake, confirmed that the hackers had obtained names, email addresses, phone numbers and even passwords. He said the company would be contacting its affected users by email, suggesting that they change their passwords. Drake has been in touch with police and has no plans to negotiate with the hackers, he said.

Source: Financial Post.

The hack was announced on Tuesday by the @RexMundi_Anon account, who claimed that they had accessed 300,000 records:

RexMundi

In the statement on Pastebin, which I am not linking to because it contains some PII, the hackers, who provide their e-mail address, write:

Dear friends, foes and members of the media,

Our name is Rex Mundi. We previously hacked into the Web servers of Belgian companies Dexia and AGO Interim and, respectively, American, Dutch and French companies AmeriCash Advance, Accord.nl and Credipret.

Last week, we hacked into the server of Canadian multinational temp work company Drake International (drakeintl.com). We gained access to over 300,000 confidential job applicant records, in addition to data related to the company’s clients. The data stored inside the website’s database relates to candidates located in Australia, New Zealand, the UK and Canada.

We immediately contacted Drake International to offer them not to release the data in exchange of a mere $50,000 (fifty thousand US Dollars). So far, we have unfortunately not heard back from the nice folks over at Drake. Does this mean that they do not care about their clients and job applicants’ privacy? You be the judge.

They have until the end of this week to pay us. If they fail to comply, their entire database will be posted on Pastebin and on various other websites.

The hackers provided some sample data, sufficient apparently, for Drake International to confirm that the hackers were in possession of data.

The Toronto Police Service logged the report:

Extortion – 52 Division

Drake International Recruiting, 320 Bay Street, reports that on January 4, 2013, they received an email from unknown hacker agency advising they have hacked into their client database including contact details, names and passwords. The agency was asked to send a one-time payment of $50,000.00 U.S. to prevent the data records from getting released over the internet. The complainant with their other agencies around the world has agreed on not paying this group.

281/86481/13:36


Related:

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Hungarian police arrest suspect in cyberattacks on independent media
  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Category: Breach IncidentsBusiness SectorNon-U.S.Of Note

Post navigation

← Follow-up: Dun & Bradstreet Unit Fined, Former Employees Sentenced
Cops Suspect Up to 300 Counts of Fraud In KTSU DJ Case →

1 thought on “Hit with extortion demand after job applicants’ data hacked, Drake International refuses to pay”

  1. the government jobs says:
    January 10, 2013 at 1:13 am

    i think it’s wrong. hacker is hack the website data and sell that email id and cv to other company and earn lots of dollar from this. government has to stop that person. are you agree with me?

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.