It appears that Texas-based outdoor WiFi provider TengoInternet was notified anonymously in April 2018 of a hack, but their investigation at that time reportedly revealed no credible evidence. In September, however, when they were reportedly contacted again by the same anonymous individual, they had credible evidence.
Was the anonymous party a whitehat researcher trying to alert them, or was the anonymous contact someone trying to extort them or harm them? It’s not totally clear from their press release but there is no mention of any extortion attempt, so it may just be a helpful whitehat trying to alert them. All TengoInternet reveals about that their press release is:
What Happened? On September 23, 2018, TengoInternet received evidence indicating an anonymous individual had accessed its database of consumer usernames and passwords for TengoInternet accounts, without authorization, in or prior to April 2018. TengoInternet had previously received similar communications from the same anonymous individual in April 2018; however, an investigation at that time, conducted with the assistance of an outside forensic investigator, determined the claims were not credible. While TengoInternet’s investigation is ongoing, they have no confirmation of any actual or attempted fraudulent misuse of consumer information resulting from this incident.
The TengoInternet notification includes legacy companies Nomad Networks, Airwave Adventures, and Nexu Innovations. The data in TengoInternet’s consumer database includes its consumers’ names, email addresses, mailing addresses, and/or TengoInternet usernames and passwords necessary to access the service. No payment card or other financial information was contained in TengoInternet’s consumer database.
Their complete press release follows:
TengoInternet Provides Notice of Data Security Incident