Thousands of fans of the band have their personal details sold online following leak
Fans of the band Faithless might be suffering from more than insomnia this morning after it was revealed that thousands of user details had been stolen from the band’s website.
The breach of faithless.co.uk was first spotted by internet security firm CyberInt last September but was only confirmed by the company yesterday.
As many as 18,000 fans could have been affected in the breach, which saw personal details such as email addresses and passwords, put up for sale on the Dark Web, CyberInt says.
The attack appears to have been caused by hackers uploading malware through SQL injection on the site, which allows the attackers to execute malicious SQL commands which control a web application’s database server.
Elad Ben-Meir, vice-president of marketing at CyberInt, told the Independent: “We have a system that collects cyber threat intelligence in real time, and as part of our work we uncovered a Faithless database being sold on the dark web, and we flagged it up with them.”
“I think they fixed the issue but they didn’t quite go out and tell anyone that, so that leaves their fans, about 18,000 people, unaware that their private information has been compromised,” he added.
The attack is the second major data breach to affect British music fans in recent months, after the website of singer Adele was apparently compromised last month.
Fans queuing to buy advance tickets for the singer’s latest tour were apparently shown other people’s shopping baskets, including payment details, when they tried to check out.
Data breaches have become an unfortunately common occurrence over the past 12 months, with companies including TalkTalk, the BBC and pub chain JD Wetherspoon all coming under attack recently.
The latter saw details from around 650,000 customers stolen by a third party from the database for an older version of its website.
Phone and Internet provider TalkTalk was hit by a major hack in October, with four percent of its users, or 157,000 customers, had personal details stolen, including 16,500 account details and 20,000 card details.
Are you a data breach expert? Take our quiz to find out!