Patreon Hack Victims Extorted

Following the Patreon hack from early October, where 15GB of customer data was leaked, victims have received emails threatening to publish their details unless they pay.

The email claims that the sender has customer’s banking details, social security numbers and tax identification numbers. Unless one bitcoin (£213) is transferred through to the sender, the email threatens to damage the customer’s credit score “like hell”.

During the leak earlier in the year, Patreon claimed that the customer information leaked included only names, email addresses, donation information and shipping addresses. In a statement on the company’s blog, CEO Jack Conte wrote that the company does not store full credit card information on their servers, and that “no credit card numbers were compromised”.

The company has posted on Twitter advising those who had received the email to ignore it. Conte stressed this in a statement, stating: “Do not reply to the email—it is a scam. The tax forms we store are securely encrypted with RSA 2048-bit encryption, and we do not store full credit card numbers. If you receive this email I suggest you flag it as spam and ignore any further emails. Do not reply.”

The email address, sharingservices@aol.com, has been identified as being the same one used in similar online scams, such as attempts following the Ashley Madison leak.