Evite has officially admitted to a security breach that was first reported by ZDNet back in April 2019. Evite is a social planning and e-invitations service and one of the leading websites on the internet. A hacker named Gnostic players had put up a sale for the customer data of six companies that includes Evite as well. The hacker has claimed that he had sold ten million Evite user records that comprised of the full names, email addresses, cleartext passwords and IP addresses. ZDNet on the other and took the initiative to let Evite know of the hack and that the acquired data was being sold on the dark web against an amount of ฿0.2419 (~$1,900) on 15th of April.
Evite has not returned to ZDNet’s request for the comment but over the weekend, Evite has published a FAQ page on its website admitting to the hack that took place and also have published more details on the incident. The company has said that after an investigation, it has tracked the incident to the “malicious activity starting on 22nd of February 2019.” Evite has informed that the malevolent intruder has stole an active data storage file that was holding the information on some Evite user accounts and as per the company the file that was stolen did not contain data more recent than 2013. Evite has prompted the users to reset their passwords during their next login.
Evite has also said that no financial data or Social Security Numbers (SSN) were exposed as the company does not collect or store SSNs while all the financial data is handled by a third-party vendor. The law enforcement was notified of the incident and has also worked with an outside security expert to address the vulnerabilities and also remediate the incident.
Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.