Last week, hackers of Rex Mundi, a group that’s known for stealing data from various companies and blackmailing them, announced breaching the systems of Belgian hosting firm Alfa Hosting (AlfaNet bvba). On Friday evening, the extortionists published the names of 12,000 of the company’s customers.
AlfaNet representatives haven’t answered our emails and they haven’t made any public statements regarding the incident. According to a message published by the hackers on Friday next to the leaked customer names, they haven’t responded to their emails either.
“We offered Alfa Hosting not to publish its customer data if they agreed to pay us. So far, they have decided not to reply to our emails. We have decided to give them an additional 24 hours to do the right thing and protect their customers,” the hackers noted on Friday.
“If Alfa Hosting still has not agreed to meet our demands by tomorrow evening, we will publish their contact data, login and passwords,” they added.
“If your name is on that list, feel free to contact Alfa Hosting tomorrow to tell them how you feel about the way they are handling this matter and about the fact that their vulnerable server is still up three days after we notified them about the vulnerability. Do you have grounds to sue them if your data gets released? Probably.”
Interestingly, the 24-hour deadline is up, but the cybercriminals haven’t published any other AlfaNet customer data as they’ve threatened.
One possible scenario is that the organization has agreed to pay up in order to prevent its customers’ data from ending up online. If this is the case, it’s likely that the hackers have gained deep access to the company’s systems.
There’s also the possibility that Rex Mundi hasn’t gained access to sensitive information and that they were simply making empty threats.
In the past, many organizations admitted to having had their systems breached by Rex Mundi. However, there are some controversial cases as well.
For instance, in the case of Belgian telecoms company Numericable, the company denied that the hackers could have gained access to customer info. Shortly after, the cybercriminals published what appeared to be contact information for around 6,000 people.
In the summer of 2013, Rex Mundi claimed to have breached the systems of Belgian recruitment agency Habeas. After trying to blackmail the company, they published a message admitting that most of the data downloaded from Habeas’ servers was “junk.”