June 24, 2019

June 24, 2019

Subscribe to Latest Legal News and Analysis

Hack of Email Provider Destroys Servers and Two Decades of Data

We predicted last year that hackers would become more malicious in the future, not only stealing and selling data for nefarious purposes, but actually destroying data and even systems. That reality hit email provider VFEmail last week, and on February 12, founder Rick Romero tweeted “Yes, @VFEmail is effectively gone. It will likely not return. I never thought anyone would care about my labor of love so much that they would want to completely and thoroughly destroy it.” The tweet went out after he watched the intruder reformat the hard drives of his email service, which has been in existence since 2001. The intrusion wiped out two decades of data. This is a tragic story.

According to Romero, the damage the intruder inflicted included VFEmail’s entire infrastructure, including mail hosts, machine hosts and an SQL server cluster, which led him to believe that the intruder had multiple passwords when hacking into the system.

It is unknown why the intruder was so malicious. The intruder’s IP address is said to be linked to malicious hosting services located in Bulgaria. Romero further reported that the attacker used several means to access the VFEmail infrastructure, so two-factor authentication may not have thwarted it. So scary and bleak.

Copyright © 2019 Robinson & Cole LLP. All rights reserved.


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...