By Aaron Kesel
Credit reporting agency Equifax was hacked, potentially endangering 143 million Americans’ social security numbers, birth dates, and other private information. Unless, according to the alleged hackers who hacked them, Equifax pays the 600 BTC ransom (2.6 million dollars) by September 15th, according to a Darkweb onion site.
The supposed hackers note that they won’t publicly post credit card numbers of the credit agency, suggesting they may pawn them on Darkweb carding forums.
“We are two people trying to solve our lives and those of our families,” the group explains. “We did not expect to get as much information as we did, nor do we want to affect any citizen. But we need to monetize the information as soon as possible.”
The hackers appear to have a sense of humor, and how they arrived at that amount is even funnier. Here’s how they claimed to have arrived at the number.
“Three Equifax executives sold 3 million dollars in shares taking advantage of their insider information after the attack,” notes the site. “We believe that 600 BTC is a fair amount.”
Three Equifax Executives Sold Stock Before the Company Revealed Cyber Hack — story on @TheTerminal
— Anders (@MelinAnders) September 7, 2017
Ransoming hacked data isn’t new; in fact it’s becoming more and more common with the WannaCry ransomware being one of the bigger giant attacks, recently affecting 300,000 computers in 150 countries, according to Kaspersky Lab.
— Kaspersky Lab (@kaspersky) May 12, 2017
The hackers of WannaCry netted $140,000 gains in Bitcoin from three wallets from their encrypted malware, CNET reported.
Earlier this year in March, Home Depot agreed to pay $27.25 million to affected financial institutions after it had its own breach in 2014. The retail giant isn’t the only business to have been affected by a financial breach. Target was also the “target” one year prior which cost the company an estimated $252 million, according to SEC filings.
If this threat is legitimate, which the hackers warn they can prove, it is up to Equifax whether nearly half of America may have their private data leaked on the Internet September 15th.
“Request a specific part or a specific data from an email that corresponds to Equifax and we will send it to you,” The hackers said.
The irony of this is if the credit agency or any of these businesses dealt in cryptocurrency in the first place they wouldn’t be dealing with this problem because crypto lacks a pull method; you can not automatically withdraw without the wallet owner’s consent, and it also does not label each wallet with its users personal details. Instead, you have a string of numbers and letters that identify each user as a wallet address that can only send or receive cryptocurrency.