TheFly.com

Cyber War News learned of a breach that appears to impact all users who registered at TheFly.com, a financial news publisher, between 2006 and 2015. A hacker identified as the Twitter user @0x55Taylor shared with Cyber War News a 2.6 GB SQL file named theflyonthewall.com.sql that is a complete dump of the site’s MySQL database. The breach is thought to be the result of a vulnerability contained in another unrelated website that allowed the hacker to access TheFly.com’s database as well as the databases of 7 other websites. The exposed data includes 100,000 user accounts. Of those accounts, 27,000 of them include credit card numbers, names, and addresses of users from 2006 to 2015. The NJCCIC recommends that users of TheFly.com who created and maintained accounts during the affected time frame remain vigilant as the personal information leaked may be used by threat actors to craft clever and convincing spear-phishing campaigns designed to trick users into divulging additional sensitive information. Additionally, they are urged to monitor financial accounts and report any fraudulent activity ASAP.