Details of 18,000 Faithless fans have been stolen in a website hack
Users' personal data has been sold on the Dark Web
18,000 Faithless fans have had their personal details stolen after the dance group's website was subject to a cyber-attack from hackers.
The site's defences were breached after a piece of malware was uploaded using a technique called an SQL injection, and now the illegally acquired data, including users' personal e-mail addresses and passwords, is now being sold on the Dark Web.
Security firm CyberInt spotted the hacking activity last September, but only confirmed the attack at the start of this week.
Elad Ben-Meir, CyberInt's vice-president of marketing, said: "We have a system that collects cyber threat intelligence in real time, and as part of our work we uncovered a Faithless database being sold on the Dark Web, and we flagged it up with them.
"I think they fixed the issue but they didn't quite go out and tell anyone that, so that leaves their fans, about 18,000 people, unaware that their private information has been compromised."
It is now feared that the attack will be repeated on further music websites, with information on musical taste and knowledge of e-mail addresses being attractive to hackers attempting phishing scams due to the feeling of trust fans feel towards musicians.
Ben-Meir warned that the Faithless hack "could signal the start of a new trend of attacks on the UK's £3.5 billion a year music industry."
[Via: The Independent]
Patrick Hinton is Mixmag's Digital Intern, follow him on Twitter here