Equifax hackers demanding US$2.5m could be fake

The team of hackers has ordered Equifax to release the payment in Bitcoin not later than 15 September.

equifax data breach hackers
Credit reporting company Equifax Inc. corporate offices are pictured in Atlanta, Georgia, U.S., 8 September 2017 (Tami Chappell/Reuters)

A group of anonymous hackers who turned themselves into the dark web has demanded approximately US$2.5m from credit monitoring company Equifax to avoid stolen data from being made public. Credit card numbers and social security numbers, among others, of more than 143 million Americans have been breached.

In an Onion website they set up on the dark web, a team of hackers claimed responsibility for the Equifax data breach. Now, they are asking 600 Bitcoin or around US$2.5m from the company to avoid spilling all stolen data online, except for credit card numbers. The said hackers are giving Equifax until 15 September.

Also read: How to protect yourself from Equifax data breach

"We are two people trying to solve our lives and those of our families," writes the hackers. "We did not expect to get as much information as we did, nor do we want to affect any citizen. But we need to monetize the information as soon as possible."

However, the self-proclaimed hackers were suspected to be taking advantage of the situation. According to security researcher Jonathan Nichols, it is easy to partially de-anonymise the Onion website, revealing the web hosting service provider and the IP address of their email provider.

The hackers' web host, Daniel's Hosting, has taken down the website while email provider Cock.li also suspended the email.

This article was first published on September 12, 2017