State of New Jersey SealOFFICIAL SITE OF THE STATE OF NEW JERSEY

Fax Express

NJCCIC Data Breach Notification

Original Release Date: 12/10/2020

Summary

A hacked database belonging to Fax Express, an office equipment supply store based in Ocean County, NJ was exposed, revealing approximately 560,000 compromised usernames and dehashed passwords. The breached database is connected to the domain shredderstoo[.]com and is assessed to be owned by Fax Express. The leaked data was subsequently found advertised on hacker forums shortly after Cit0Day – a hacker website that provides paying patrons access to a vast collection of compromised credentials – itself appeared to have been hacked. This database is one of 23,000 found in the Cit0Day collection, which housed over 13 billion user records. Though the compromised data associated with Fax Express’ database is not particularly sensitive, it can be used by threat actors in various attacks and may be leveraged across multiple accounts if the passwords are reused. This may put several organizations across NJ at risk, as most patrons of Fax Express are likely business owners or those that purchase office equipment for their organization.

Join & Subscribe

Never miss an update! Sign up for a no cost membership today! Receive up-to-date content and more in our weekly bulletin.

Sign Up

Featured Content

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.