DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

CORRECTION: The massive hack that wasn’t

Posted on September 20, 2016 by Dissent

UPDATE 9-21-2016 Over the past two days, DataBreaches.net provided the First Bank of Ohio with samples from two files that “Fear” claimed were from them. They have firmly denied that either file is theirs:

These have nothing to do with us. The second group are businesses that are applying for liquor licenses in Ohio.

The second file they are referring to is the file that had been mentioned in my first post on the claimed hack. The newer file is a file “Fear” has described elsewhere as “Ohio_transactions_2016.csv.”

So once again, “Fear’s” claims have been refuted.

Original post:

Yesterday, DataBreaches.net posted a report concerning claims of a massive hack by a teenager known as “Fear” (@hackinyolife on Twitter). In the headline, and throughout the report, this site attempted to note what proof Fear had provided, and as importantly, what proof he hadn’t provided, despite being asked for it.

Last night, after a lengthy chat with him in which he provided more files that still did not support the claims he had previously made, DataBreaches.net informed Fear that this site would be issuing a correction to its report. Fear subsequently issued a statement in which he says he trolled the media, but still claims to be in possession of banking information and millions of SSNs in a hack. He admits that he did not hack Neustar (a claim he had made to other news outlets), and now claims that he used an exploit to access approximately 30 states’ ftp servers.

You can read his latest claims in the correction and update, here.  To date, the only evidence Fear ever provided of banking data was the limited (and old) material he provided back in March when he claimed to have hacked the Bank of North Dakota, and some files he provided this site over the weekend that appear to relate to the First Bank of Ohio. This site has not seen any evidence that he acquired massive amounts of SSNs. Indeed, one file that he offered as proof that he had acquired SSNs had no SSNs in it at all.

It’s not fun finding out you’ve been lied to, although anyone reporting on hackers knows that hackers will lie, which is why we use caution in repeating claims and why we make serious efforts to try to verify reports. Does this site regret reporting his claims? Of course, even though the report used a lot of qualifiers and even though  it appears that some states’ ftp servers are probably not as secure as they should be and he was able to access them. If states improve their security as a result of all this, well, that would be one positive outcome.

Category: Breach IncidentsGovernment SectorHack

Post navigation

← OK: Saint Francis Investigating Hack by Seeming TDO Copycats
Report: Third-Party Breaches in the Healthcare Sector Are Nothing to Sneeze At →

1 thought on “CORRECTION: The massive hack that wasn’t”

  1. Beastytoy says:
    September 21, 2016 at 10:29 am

    Do you think he is legit or that he’s lying?

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • McLaren provides written notice to 743,131 patients after ransomware attack in July 2024
  • A state forensics lab was leaking its files. Getting it locked down involved a number of people.
  • CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.