Hackers installed keylogger and copied NZBGeek database exposing personal details of all users.
What is NZBGeek?
NZBGeek is an indexing service and file-sharing private community where users can sign up for free and search for content. Users who donate funds get extra features. The site offers over 500,000 indexed NZBs.
The Hack
While operating smoothly, as the site normally does, suddenly the site became unreachable. Later, there was a message put up by site operators that they are experiencing hosting-related issues. The next day they announced that the site had been hacked, and an official statement was released that read:
“It’s with a heavy heart that we must admit that we have had a breach. If you have recently used your card or payment with us we suggest changing your credentials and card info as soon as possible.”
Private Data Leaked
According to the site operators, hackers copied its database. Therefore, the personal details of all the users were exposed. The attackers also installed a keylogger to be able to abuse the site in the future.
The company revealed that the hackers accessed a copy of the site’s database that stored usernames, encrypted passwords, email addresses, and last connected IP addresses. As per the operators, when the attack occurred, the hard drive on their indexer and an API server failed.
NZBGeek admin Jeeves has confirmed that the site never stored credit card data. The user data was exposed because the hacker used an SQL-exploit and installed a Javascript-based keylogger.
What Next?
The indexer service is currently investigating the attack. Apart from the API, all the systems are still offline. The company has requested its users to immediately change their passwords to secure all their online accounts and credit cards to access the site and use its services recently.
Understandably, NZBGeek users are concerned about their data. They are afraid that their download history, IPs, and other private details could be at risk.
NZBGeek issued an update to address these concerns, according to which download histories were stored in a separate server, and it isn’t yet clear whether this server was breached as well or not. Furthermore, the site only reserves the last used IP address of its users. The company claims to share more information as soon as they can get new insights.
“We are taking massive steps, with the help of many community members around the world who are experts in various forms of cybersecurity. I am happy to provide those details as these are vetted and finalized,” NZBGeek told TorrentFreak.
Did you enjoy reading this article? Don’t forget to like our page on Facebook and follow us on Twitter!