After a potential 2.5 million users’ information was exposed by hackers, multiple New Zealand residents are reporting that they’re now receiving ransom letters.
MediaWorks began an internal investigation of its company after an online hacker declared that they had the information of 2.5 million MediaWorks customers and would begin posting information online unless they received money.
“We are writing to inform you of a concerning data breach at MediaWorks New Zealand that has compromised the personal information of 2.5 million New Zealand citizens, including yours,” the hacker said. “We attempted to negotiate with MediaWorks by offering a very low price to have them secure the data, but unfortunately, they displayed a disappointing lack of concern and refused. Their dismissive attitude, treating the data as valueless, has led us to consider releasing it publicly.”
Anonymous individuals reached out via social media and radio shows to discuss the ransom notes they received stating that their information would become public unless they paid them $500 worth of Bitcoin.
The hackers exposed several other user’s emails in their letters to show they were serious. This led one of the victims who appeared on a radio talk show to question whether or not the hacker’s claim of holding 2.5 million users’ credentials was an exaggeration.
The same guest critiqued the company’s response.
“I also did try and contact MediaWorks but as yet I haven’t had a call back from them,” he complained.
Users on social media criticized MediaWorks as well, commenting that it’s good that the company wouldn’t pay criminals their ransoms, but the company still needs to protect and provide transparency to its customers.
If you received an email for a ransom, remember that you should never pay the ransom. Paying a hacker doesn’t guarantee they will keep your data private. If a victim pays one time, criminals are likely to continue extorting them for as long as they can.