Motherboard managed to confirm some login information which the hacker provided, but wasn’t able to confirm whether the hacker has really access to 237K accounts or whether they were stolen in a fresh heist. The hacker said “I want to publicly shame them for their poor practices,”. The alleged hacker has now put the login credentials on sale for about 1 Bitcoin or $400 for every account. It includes usernames, passwords, address of the user and the emails. The hacker told the Motherboard, he even had access to credit card credentials but he didn’t stole them. However, the login credentials apparently work on 23 online properties belonging to PSM. However, PSM representatives have something different to say, they claim that the breach took place in 2008 and then the security of the network was upgraded after PSM decided paying the ransom [a sum of money demanded]. PSM further added that the company doesn’t eliminate username, which describes the number of items in this data base. Also, if the username expires, it drops access to the sites. In order to prove this breach, hacker said to the Motherboard that he/she could breach the Team Skeet website shortly by defacing it on March 31st. It clearly shows that PSM is not having such strong security as earlier believed. It also shows that hackers might have tried to contact PSM before heading to the press by confirming whether the company has a bug bounty policy, however PSM “didn’t seem to care.”
Δ