Malicious hackers say they demanded $50,000 ransom for stolen Bell data

CBC

Updated May 26, 2017 at 5:00 a.m.

A Bell Canada office is pictured in downtown Ottawa November 26, 2008. REUTERS/Chris Wattie/File Photo

A pair of malicious hackers say they demanded that Bell pay a $50,000 US ransom to prevent stolen customer data from being shared online, according to a person claiming responsibility for the theft.

That person — who communicated with CBC News via encrypted chat using the handle "exodus" — says a ransom email was sent to Bell on May 5, detailing the extent of the breach and the thieves' terms.

Bell apologized to its customers last week after 1.9 million email addresses and approximately 1,700 names and phone numbers were stolen from the company's systems and posted online. Links to the data were then shared across social media.

"We were literally inside Bell's networks with access to everything," exodus told CBC News. "It could have been much worse for them."

Even after the breach was revealed, exodus claimed to still have access to Bell servers, and to have stolen additional data that could still be leaked — in particular, "all passwords for Bell customers." They were unable to offer any supporting proof.

Bell previously told customers that "there is no indication that any financial, password or other sensitive personal information was accessed."

Bell's director of communications Marc Choma declined to comment on any of exodus's claims, which could not be independently verified by CBC News. He previously told Reuters that "a demand for payment was made by the hacker, but it was not paid."

The breach is the latest in a string of high-profile malicious hacks that have held large corporations' data for ransom.

In April, a person or group who went by the name "thedarkoverlord" leaked the latest season of the Netflix TV series Orange Is the New Black, more than a month before its premiere, after the streaming service declined to pay up.

And earlier this month, it was reported that Disney's upcoming film Pirates of the Caribbean: Dead Men Tell No Taleshad also been stolen and held for an unspecified ransom, though it's unclear if the two attacks are related. The movie hasn't yet been leaked.

More recently, companies and individuals continue to grapple with the fallout from the WannaCry ransomware attack, which held hostage hundreds of thousands of computers around the globe, before malware researchers curtailed its rapid spread.

'They have many security vulnerabilities'

CBC News made initial contact with exodus through an account called "exodusbell" on the website Reddit.

The account was created last Monday — the day the breach was made public — and it made three posts in the hours before Bell issued a statement confirming the breach.

Each post was titled "Bell.ca Media leak. Be warned Bell," which sent visitors to a website with a message from the thieves, before linking to yet another website that hosted the leaked files.

The timing of the posts — which appeared to be the first to publicly link to the leaked material — suggest they were likely shared by the malicious hackers themselves, or by someone on their behalf.

According to an email that exodus shared with CBC News, the pair demanded Bell send $50,000 US in bitcoin within 14 days of the email's receipt. In exchange, they claimed they would honour a signed contract promising "video and cryptographical evidence" of the data being "securely deleted."

If Bell refused to co-operate, the pair would leak the stolen data online.

It "would be unfortunate if your customers had another reason to hate you," said the email to Bell, which linked to the same website that was later shared online, directing visitors to files containing the leaked data.

Exodus says Bell never responded — a fact Choma confirmed to Reuters last week.

It is not the first time that unauthorized users have breached Bell's systems and leaked customer information. In 2014, the RCMP charged a Quebec youth after a Bell contractor was breached and 22,421 user names and passwords, as well as five valid credit card numbers, were posted online.

"They really don't care about their customers," exodus said. "They have many security vulnerabilities."

Some hackers will report vulnerabilities they find to companies — sometimes in exchange for payment, or for altruistic reasons — but try to avoid doing things that might be deemed illegal, such as taking user data. The Bell breach does not appear to be one of those cases, as exodus says their actions were "highly financially motivated."

"Unlike the kids last time, we have owned them, and no [law enforcement] creeping about," exodus said.

The account stopped responding to messages from CBC News late last week.

CBC
Police identify man who plunged to his death from balcony
Toronto police have identified a man who plunged to his death from an eighth-floor balcony downtown late Wednesday in the city's latest homicide.Ryan Williams, 38, of Toronto, fell from a balcony just before midnight at a highrise in the area of Church and Shuter streets, police said in a news release on Thursday.Paramedics say they transported a man to a trauma centre. He was pronounced dead in hospital, according to police.Williams is the city's 24th homicide victim of the year.Police have sai
a day ago
The Daily Beast
Donald Trump Wishes Melania Happy Birthday, Makes It All About Himself
Michael M. Santiago/GettyDonald Trump used his break between court sessions to wish wife Melania a very happy birthday with a message focused mostly on himself. “I want to start by wishing my wife Melania a very happy birthday. It would be nice to be with her—but I’m in a courthouse for a rigged trial,” grumbled the former president, who is facing 34 felony counts for allegedly falsifying business records to cover up an affair that could’ve hurt him in the 2016 presidential election. PRESIDENT T
4 hours ago
CNN
Secret Service says agent on Harris’ detail was removed from assignment after distressing behavior
A Secret Service agent assigned to Vice President Kamala Harris’ detail was removed from their assignment after displaying behavior that colleagues found “distressing,” the agency said.
17 hours ago
People
“Call Her Daddy'”s Alex Cooper Models Her Wedding Night Lingerie in Instagram Reveal: See the Racy Look
Cooper wore a sexy lacy bodysuit from SKIMS' Wedding Shop collection after marrying Matt Kaplan in Mexico
2 days ago
Cosmo
Sabrina Carpenter looks practically naked in completely see-through lace mini dress
Sabrina Carpenter went braless wearing the Mirror Palais Anemone Dress in butter featuring illusion tulle adorned with lace appliqués along the neckline and hem
a day ago
HuffPost
Jamie Raskin Suggests Fitting New Home For 'Partisan' Supreme Court In Blistering Take
The House Democrat named the "most astonishing" thing he heard from one justice after the court heard arguments on Donald Trump's immunity claim.
10 hours ago
Yahoo News UK
Pensioner who worked at Clarks for 68 years given boot with two days' notice
Jill Cornick, 82, is out of work for the first time in her life after being told the Clarks shop she worked in since 1956 in Dorset was closing.
8 hours ago
Cosmo
Kylie Jenner just revived the naked brow trend and she looks like a woodland fairy
Kylie Jenner shares Instagram selfies of her new bleached eyebrow look for 2024. She looks so different, with the ash-blonde look.
9 hours ago
Reuters
Trump's three US Supreme Court appointees thrash out immunity claim
When the U.S. Supreme Court ultimately rules on Donald Trump's claim of presidential immunity from prosecution, a third of those deciding the matter will be justices he appointed to their lifetime posts. Those three - Amy Coney Barrett, Brett Kavanaugh and Neil Gorsuch - posed questions from various angles as the nation's top judicial body heard arguments on Thursday in a case that provides a vital test of the power of the presidency. A key question, Gorsuch said, is "how to segregate private from official conduct that may or may not enjoy some immunity."
22 hours ago
CNN Business
Right-wing media ruptures over Marjorie Taylor Greene’s threat to oust Mike Johnson
As Greene threatens to oust House Speaker Johnson over his support for Ukraine aid, a rift has ruptured in the MAGA Media landscape.
8 hours ago
HuffPost
Ex-Trump Lawyer Spots Donald Trump’s ‘Big Mistake’ That Will ‘Make His Campaign Cringe’
“That just brings back all those bad memories about that issue," Jim Schultz told CNN's Jake Tapper.
12 hours ago
HuffPost
Harvard Law Professor Offers Scathing Summary Of SCOTUS-Trump Arguments
Laurence Tribe pulled no punches over what he described as a “shameful performance by the court.”
9 hours ago
CBC
Orca calf swims out of lagoon after being trapped for a month
The Ehattesaht First Nation says a killer whale calf that had been trapped in a remote Vancouver Island lagoon for more than a month is now free after it swam out on its own early Friday morning.The nation said kʷiisaḥiʔis, or Brave Little Hunter, swam over the sandbar and out into open water during high tide around 2:30 a.m. PT.After a long night of feeding kʷiisaḥiʔis and watching the calf play in the lagoon, the nation said, a small group "stood as witnesses to watch her swim under the bridge
3 hours ago
USA TODAY
A longtime 'Simpsons' character was killed off. Fans aren't taking it very well
"The Simpsons" has killed off a long-time character who was a regular at Moe's Tavern. Fans are mourning the loss online.
17 hours ago
The Daily Beast
Judge Upholds Trump’s $83 Million Defamation Verdict
Reuters/Brendan McDermidA federal judge in New York upheld a defamation verdict against Donald Trump, keeping him on the hook for the $83 million he owes E. Jean Carroll, the writer who accused him of sexual assault.Trump had motioned to receive a new trial, but Judge Lewis Kaplan rebuffed that effort, determining nothing was wrong with the first one that ruled against him.The decision affirms that Carroll suffered harm from Trump publicly railing against her in 2019, as she went public with her
23 hours ago
CBC
Makeshift slaughterhouse in a residential garage points to growing concerns about illicit meat sales
Inside a garage in an established Edmonton neighbourhood, animals were being slaughtered and the meat was advertised for sale to consumers, a CBC News investigation has learned.Police entered the rented garage in the quiet residential Woodcroft community in February 2023. Images shared with CBC News show piles of goat carcasses, tubs of blood and the remains of a skinned baby goat on a makeshift slaughter table.Neighbour John Bos told CBC News that the sounds of bleating goats first alerted him
a day ago
InStyle
Prince Edward and Duchess Sophie Feel Disappointed by King Charles Royal Title "Snub"
The "chosen ones" are reportedly sad they didn't get new roles after Prince William and Kate Middleton's latest appointments.
a day ago
USA TODAY Sports
NFL draft's most questionable picks in first round: QBs Michael Penix Jr., Bo Nix lead way
With the first round of the 2024 NFL draft complete, several teams stood out with their initial picks – and not in a good way.
8 hours ago
USA TODAY Sports - Golfweek
Is Jon Rahm having an existential crisis? He’s certainly going off his LIV Golf script a bunch
Rahm keeps wandering off the script, especially in the last month.
7 hours ago
People
All About Okla. Family Murder-Suicide, Where Dad Killed Wife, 3 Sons Before the Last Surviving Child Called 911
Jonathon Candy, 42, fatally shot his wife, Lindsay Candy, 39, and three of their four children, ages 18, 14, and 12, on April 22, before dying by suicide
a day ago

Latest Stories