Pro-Assad hacker group the Syrian Electronic Army claims to have breached the back-up database of Tango, the company behind the popular eponymous app, and to have exfiltrated 1.5 TBs of daily back-ups, the BBC reports.
The back-ups apparently contain information such as contact details, phone numbers and email addresses of the company’s 120 million registered users, and the hacker group announced that it will be sharing said information with the Syrian government.
They also included a few screenshots of the backups folder and one of the Tango App log to prove their claims.
The company has confirmed on Twitter that they “experienced a cyber intrusion that resulted in unauthorized access to some data”, but have yet to share more details. They only added that they “are working on increasing their security systems.”
A few days later, the group has sent The Daily Dot a Tweet demanding the removal of a caricature of Assad accompanying an article about the Tango hack. After they refused to comply, the SEA first broke into the Gmail account of one of its staff, then into the site’s administration panel and removed the article in question altogether.
Judging by the screenshot of an email received by the staffer, The Daily Dot staff was informed about the potential threat of getting hacked by the group, but it didn’t help – the staffer has likely fallen for a spear phishing email and has handed his email login credentials – and possibly those for the admin panel – to the attackers.