DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

CORRECTION: The massive hack that wasn’t

Posted on September 20, 2016 by Dissent

UPDATE 9-21-2016 Over the past two days, DataBreaches.net provided the First Bank of Ohio with samples from two files that “Fear” claimed were from them. They have firmly denied that either file is theirs:

These have nothing to do with us. The second group are businesses that are applying for liquor licenses in Ohio.

The second file they are referring to is the file that had been mentioned in my first post on the claimed hack. The newer file is a file “Fear” has described elsewhere as “Ohio_transactions_2016.csv.”

So once again, “Fear’s” claims have been refuted.

Original post:

Yesterday, DataBreaches.net posted a report concerning claims of a massive hack by a teenager known as “Fear” (@hackinyolife on Twitter). In the headline, and throughout the report, this site attempted to note what proof Fear had provided, and as importantly, what proof he hadn’t provided, despite being asked for it.

Last night, after a lengthy chat with him in which he provided more files that still did not support the claims he had previously made, DataBreaches.net informed Fear that this site would be issuing a correction to its report. Fear subsequently issued a statement in which he says he trolled the media, but still claims to be in possession of banking information and millions of SSNs in a hack. He admits that he did not hack Neustar (a claim he had made to other news outlets), and now claims that he used an exploit to access approximately 30 states’ ftp servers.

You can read his latest claims in the correction and update, here.  To date, the only evidence Fear ever provided of banking data was the limited (and old) material he provided back in March when he claimed to have hacked the Bank of North Dakota, and some files he provided this site over the weekend that appear to relate to the First Bank of Ohio. This site has not seen any evidence that he acquired massive amounts of SSNs. Indeed, one file that he offered as proof that he had acquired SSNs had no SSNs in it at all.

It’s not fun finding out you’ve been lied to, although anyone reporting on hackers knows that hackers will lie, which is why we use caution in repeating claims and why we make serious efforts to try to verify reports. Does this site regret reporting his claims? Of course, even though the report used a lot of qualifiers and even though  it appears that some states’ ftp servers are probably not as secure as they should be and he was able to access them. If states improve their security as a result of all this, well, that would be one positive outcome.

Category: Breach IncidentsGovernment SectorHack

Post navigation

← OK: Saint Francis Investigating Hack by Seeming TDO Copycats
Report: Third-Party Breaches in the Healthcare Sector Are Nothing to Sneeze At →

1 thought on “CORRECTION: The massive hack that wasn’t”

  1. Beastytoy says:
    September 21, 2016 at 10:29 am

    Do you think he is legit or that he’s lying?

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.