Cybercriminals hacked Italian provider of email services - Email.it. The data leak affected more than 600,000 people, and the offer for the data from the last two years was listed on the dark web. However, the data offered for sale only includes persons who have used the free version of Email.it.

The group that stole the data presents themselves as NN Hacking Group has provided the evidence of the attack on Twitter. According to Cyberdefence24, the data that was put up for sale includes 44 collections, valued at $22,000. The scope of the stolen data includes account usernames, passwords, content of the email messages and attachments, as well as phone numbers associated with the service, SMSes and faxes broadcasted from them.

The email provider has stored user passwords in an unsecured text since the data leak, and the incident itself has not been reported to the appropriate authorities. Following the disclosure in the NN’s tweets, Email.it has admitted that there was a data leak, but the financial data was not stolen.