State of New Jersey SealOFFICIAL SITE OF THE STATE OF NEW JERSEY

TheFly.com

Original Release Date: 1/4/2018

Summary

Cyber War News learned of a breach that appears to impact all users who registered at TheFly.com, a financial news publisher, between 2006 and 2015. A hacker identified as the Twitter user @0x55Taylor shared with Cyber War News a 2.6 GB SQL file named theflyonthewall.com.sql that is a complete dump of the site’s MySQL database. The breach is thought to be the result of a vulnerability contained in another unrelated website that allowed the hacker to access TheFly.com’s database as well as the databases of 7 other websites. The exposed data includes 100,000 user accounts. Of those accounts, 27,000 of them include credit card numbers, names, and addresses of users from 2006 to 2015. 

Recommendations

The NJCCIC recommends that users of TheFly.com who created and maintained accounts during the affected time frame remain vigilant as the personal information leaked may be used by threat actors to craft clever and convincing spear-phishing campaigns designed to trick users into divulging additional sensitive information. Additionally, they are urged to monitor financial accounts and report any fraudulent activity ASAP.

Join & Subscribe

Never miss an update! Sign up for a no cost membership today! Receive up-to-date content and more in our weekly bulletin.

Sign Up

Featured Content

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.