Newsletter

Join thousands of people who receive the latest breaking cybersecurity news every day.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Share this article:

The WeLeakInfo “data breach notification” domain is no more.

The feds and international law enforcement have taken down a website that was selling access to billions of stolen personal records.

The FBI and the Department of Justice said on Thursday that they, in conjunction with the Dutch police, the United Kingdom’s National Crime Agency and Germany’s Bundeskriminalamt, have seized the internet domain name “weleakinfo.com,” effectively suspending its operations. Separately, in conjunction with the case, the Oost-Nederland police arrested a 22-year-old in Arnhem, Netherlands; and, a 22-year-old man in Northern Ireland was also taken into custody, according to local reports.

However, the authorities are still on the hunt for any other suspected operators and owners of the site, and are asking for information as to their whereabouts via the FBI’s Internet Crime Complaint Center (IC3).

WeLeakInfo, despite its name, marketed itself as a legitimate data-breach notification company; it provided subscription services where users could sign up for one-day trial for $2, a week for $7, a month for $25 or three months for $70. Users would gain access to a search engine, used for perusing more than 12 billion personal records gleaned from 10,000 different data breaches. The records contained the usual cybercrime goodies: Names, email addresses, usernames, phone numbers and passwords for online accounts, according to the DoJ. However, it’s self-description on Twitter gives a more altruistic spin on its wares, framing itself as a HaveIBeenPwnd-like service: “Have your passwords been compromised? Find out by searching through over 12 billion records and 10,000 data breaches.”

The site itself seemed blindsided from the action, judging by this tweet:

We leak Info (@weleakinfo) 15 Jan 2020

Site users meanwhile at first didn’t believe the action was real:

– The act of Veron (@AktVeron) 16 Jan 2020

And many have taken to the Twitterverse to complain that their subscriptions just started and to request refunds:

– Twin Turbo ? (@1337turbo) 16 Jan 2020

“With execution of the warrant, the seized domain name – weleakinfo.com – is now in the custody of the federal government,” according to the FBI’s notice. “Visitors to the site will now find a seizure banner that notifies them that the domain name has been seized by federal authorities.”

Concerned about mobile security? Check out our free Threatpost webinar, Top 8 Best Practices for Mobile App Security, on Jan. 22 at 2 p.m. ET. Poorly secured apps can lead to malware, data breaches and legal/regulatory trouble. Join our experts from Secureworks and White Ops to discuss the secrets of building a secure mobile strategy, one app at a time. Click here to register.

Share this article:

The agency changed its policy to provide more timely and actionable information to state and local election officials in the case of a cybersecurity breach to election infrastructure.

Legal battle pitting Feds against the tech giant over data privacy and device security in criminal cases seems inevitable.

Refusal to unlock the phones of a Florida shooter could set up another legal battle between Apple and the Feds over data privacy in the case of criminal investigations.

Join thousands of people who receive the latest breaking cybersecurity news every day.

2 hours ago

Get the latest breaking news delivered daily to your inbox.

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.