Email.it Data Breach Exposes 600,000 Users – Expert Commentary

It has been announced that the Italian email provider Email.it and now the data of more than 600,000 users is being sold on the dark web.

EXPERTS COMMENTS
Jake Moore, Cybersecurity Specialist,  ESET
April 08, 2020
Limiting the amount of data hitting the dark web is nearly impossible once it’s out.
Limiting the amount of data hitting the dark web is nearly impossible once it’s out. However, it’s about how you handle the compromise and it’s noble how this company dealt with the threats. Companies should not be pressured into negotiating with cyber criminals and it’s refreshing to see a company not bowing to pressures. ....
[Read More >>]
Stuart Sharp, VP of Solution Engineering,  OneLogin
April 08, 2020
The data now hosted on dark web forums will move into the cybercriminal supply chain.
This is of course a significant worry for users of Email.it, and for the company itself whose brand reputation and security posture will suffer as a result of this breach. They may also find themselves in breach of legislation such as GDPR, which could incur fines sizeable enough to have a serious affect on the company’s bottom line. Applying proactive measures such as two-factor authentication ....
[Read More >>]
Anna Russell, EMEA VP,  comforte AG
April 08, 2020
The best way to protect yourself is to use different passwords for all your online accounts and change them regularly.
There are two ways to look at this – from a personal perspective and from a business perspective. As a private individual, sometimes there’s no way to be sure that the services we use are protected by an adequate amount of security. The best way to protect yourself is to use different passwords for all your online accounts and change them regularly. Otherwise, if one is compromised, then you c ....
[Read More >>]
Tim Mackey, Principal Security Strategist,  Synopsys CyRC
April 08, 2020
The security resources available to any platform, including the level of talent they can attract, is a function of their revenue streams.
People’s digital lives are increasingly held in their hands and powered by free services like public email providers and social media platforms. The security resources available to any platform, including the level of talent they can attract, is a function of their revenue streams. Ideally, all service providers will perform real-time audits for abnormal traffic patterns based on the potential t ....
[Read More >>]
James Carder, Chief Information Security Officer & Vice President,  LogRhythm Labs
April 08, 2020
Email.it’s claim that no financial information was stored on the hacked server isn’t completely accurate.
This is an unfortunate incident all around. We have a provider of email services that not only has access to all of their customers’ personally identifiable information (PII), including usernames and passwords, but also of their emails and the content within those emails. As anybody who has been in the industry long enough knows, people still send sensitive information through email all the time ....
[Read More >>]
Anna Russell, EMEA VP,  comforte AG
April 08, 2020
The best way to protect yourself is to use different passwords for all your online accounts and change them regularly.
There are two ways to look at this – from a personal perspective and from a business perspective. As a private individual, sometimes there’s no way to be sure that the services we use are protected by an adequate amount of security. The best way to protect yourself is to use different passwords for all your online accounts and change them regularly. Otherwise, if one is compromised, then you c ....
[Read More >>]
Ed Macnair, CEO ,  Censornet
April 07, 2020
More than 600,000 customers are now at risk of highly targeted.
Email.it has failed its users more than once in this case. In the first instance, the email provider has not protected the sensitive data of its customers and then, despite the breach happening two years ago, the company has not warned users they are at risk. It is simply unacceptable that the provider has violated the trust of its users in this way and they had to find out via Twitter. It is pa ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article