The hacker known as Abhaxas (@Abhaxas on Twitter) has uploaded a database with what appears to be 4,827 JLAudio’s users’ first and last names, street addresses with city and zipcode, ages, userIDs, e-mail addresses, and plain text passwords.
In a preface to the data dump, Abhaxas writes:
I warned you guys multiple times, but it seems disclosure is the only way to get shit done. JLAudio, companies like you should not exist.
In a tweet accompanying the announcement of the data dump, Abhaxas tweeted:
I notified @JLaudio their security sucks last week, and their website is still vulnerable. Nice. #AntiSec
A subset of the database appears to have also been posted on Pastebin. That file identifies the database as 421088_jlaudio from the firm’s mobile subdomain.
No statement appears on JLAudio’s web site at the time of this posting and JLAudio did not respond to an email and a phone call to them this morning asking for a response to the claims.