Evite confirmed the data breach

Evite, the well-known online e-invitations as well as social planning service, has confirmed becoming victim of a data breach. In this data breach, a hacker known as "Gnosticplayers" put the personal data of the Evite users' for sale on dark web.

The hacker Gnosticplayers reportedly claimed that ten million records, which included the full names, email addresses, cleartext passwords and IP addresses, of Evite users' were obtained by them. In April 2019, ZDNet reported that Gnosticplayers has demanded bitcoins worth $1,900 for the 10 million records of Evite users'.

Evite has confirmed that breach happened in Feb. 2019, in which the cybercriminals accessed a file containing user records dated back to 2013. Evite also said that name of the Evite users', mailing addresses, user names, passwords, email addresses, phone numbers and dates of birth could have been possibly affected by that breach.

"Upon discovering the incident, we took steps to understand the nature and scope of the issue, and brought in external forensic consultants that specialize in cyber-attacks. We coordinated with law enforcement regarding the incident, and are working with leading security experts to address any vulnerabilities," said Evite in a statement.

Evite further said that they will continue to monitor their systems for any unauthorized access, and have also introduced more security measures. Besides, they will be prompting the affected Evite users to change their Evite passwords when they next time log-in.

The firm said that the users' financial data and social security numbers has not been compromised by this breach, as they does not store or collect financial information. Evite said emails were sent to notify the users affected by this breach. Moreover, Evite also cautioned the users regarding phishing emails, telling them that email from the firm will never ask the users to click any kind of links or attachments and will never request the personal data.

"If the email you received about this issue prompts you to click on a link, suggests you download an attachment, or asks you for information, the email was not sent by Evite and may be an attempt to steal your personal data. Avoid clicking on links or downloading attachments from such suspicious emails," warned Evite.

However, it is yet unclear as how Evite has been hacked and the exact number of users who have been affected by this breach.

» SPAMfighter News - 7/3/2019