At 00:00 UTC, TheDarkOverlord issued a “press release.” Depending on where you reside, it made for a bad end to 2016, which was already a pretty terrible year for breaches, or a rotten start to 2017.
Several days ago, DataBreaches.net reported on several hacks TheDarkOverlord (TDO) had announced. As expected, TDO has now dumped more data from two of those previously disclosed victim companies, but also announced some other hacks.
TDO appears to have dumped pretty much everything of any significance from two of the previously disclosed victims companies, Pre-Con Products, LTD, and G.S. Polymers, Inc. Other entities whose data TDO dumped include PcWorks, L.L.C. (in Ohio), International Textiles & Apparel, Inc. in Los Angeles, and UniQoptics, L.L.C. in Simi Valley.
In private encrypted chat with DataBreaches.net, TDO declined to divulge how they attacked these clients or how much was demanded to not dump the files publicly.
Neither Pre-Con Products nor G.S. Polymers have replied to emails sent to them on Friday and earlier tonight. The Pre-Con site has been in “maintenance mode” since the attack was first announced. DataBreaches.net has also now emailed PcWorks, who did not immediately respond.
Although this site is not providing TDO’s full “press release” at this time, of note is their statement on Pre-Con Products, Ltd., a firm that has some defense contracts:
Pre-Con Products, Ltd. was an interesting pick for us because we were aware they had quite a few interesting United States Navy related projects. One of these incredibly interesting projects involved a Digital Air Surveillance Radar (DASR) site. In fact, almost their entire business these days is sustained by United States Navy defence contracts.
As in the past releases, TDO’s latest release alludes to clients who have allegedly paid their extortion demands, and is intended to serve as a warning to future victims that if they don’t pay up, they, too, will find their data dumped like the companies named in the current release. And as part of their strategy, TDO continues to seek media coverage – coverage that has posed ethical challenges for a number of us: do we report on the hacks, thereby helping him apply pressure to victims, or do we not cover these hacks so as not to embarrass or create additional harm to his victims through our reporting?
In the past, DataBreaches.net has covered some of TDO’s hacks, but not all of them, because of conflict over doing possible harm by reporting. In some cases, the decision to report was made because this blogger believed that patients needed to be promptly informed of the risks they faced and some entities were not immediately disclosing and warning patients.
In November, Graham Cluley gave his reasons for not cooperating with TDO’s attempt to get media coverage from him. Graham’s decision is admirable, and feels right ethically on many levels, but it doesn’t change the fact that these hacks and extortion demands are occurring. To not report on them at all deprives the public, policy makers, and those who track breaches of information that might better inform decision making by entities, legislators, and regulators. It may also deprive individuals of the opportunity to rapidly deploy some protections if their personal information has been dumped if they have not yet been notified by the organization that was hacked.
DataBreaches.net continues to grapple with the ethical questions posed by TDO trying to use the media as part of his strategy. For now, this site will likely continue to report on his breaches, but without exposing the personal information that he relishes in exposing or the proprietary information of companies that could harm their business if revealed. In fact, with this latest release, DataBreaches.net has tentatively decided that it will no longer even download or read most of the hacked data TDO offers to journalists and the public. Why download it if you won’t use it or even read it, right?
TDO may want us discussing his hacks, but perhaps we should just use this as an opportunity to continue exploring and discussing the ethical issues his approach raises for us.
He didn’t waste any time for 2017. If you are disclosing in your blog posts that you are having encrypted chats with TDIO, wouldn’t the authorities be looking to speak to you too?
I can’t believe that TDO hasn’t been caught yet.
“For now, this site will likely continue to report on his breaches, but without exposing the personal information that he relishes in exposing or the proprietary information of companies that could harm their business if revealed.”
Good for you! (And happy new year, by the way!)
Thanks, Graham. Your opinion counts for a lot with me. I’ve spent the last 24 hours revisiting the ethical dilemmas I’ve experienced since June. I know that even just reporting at all has the ability/potential to clue people to go look for data dumps and the like, as TDO has a known method of disclosures. But I truly felt sick after reading one file – and when you feel like you need to go take a shower to get clean because you’ve just participated in a privacy violation while trying to report, well… 🙁
And Happy New Year to you, too!
Wouldn’t authorities be looking at your blog for more information to try and “catch him”?.
I have no idea what they are doing or not doing.
I think the ethical dilemma can outweigh the fact that you are putting it out there to inform proper parties there was a breach and their PII may have/have not been compromised.
As yucky as it may feel to see some of the data which is coming your way, you are consciously aware of making sure any of your info is not on the internet.
In the end, it may be best for the moral beliefs to do what is right..