The E-invitations platform Evite has admitted that it suffered a data breach in February and the stolen user data was put up for sale in the Dream Market marketplace by the infamous hacker ‘Gnosticplayers’.
Evite has also provided additional details about the breach and the steps they’ve taken to remediate the incident in a security update.
The detailed picture
Evite became aware of the incident on April 15, 2019, after Gnosticplayers published almost 10 million Evite user data on the Dark Web, along with the user data from 5 other companies including Mindjolt, Wanelo, iCracked, Yanolja, and Moda Operandi.
Upon which, the e-invitations platform hired a leading data security firm and launched an extensive investigation. The investigation revealed malicious activity since February 22, 2019.
On May 14, 2019, Evite confirmed that an unauthorized third party gained access to an inactive data storage file that contained Evite user accounts prior to 2013.
What data was compromised?
The data storage file contained user data such as users’ names, usernames, email addresses, passwords, dates of birth, and phone numbers. However, no financial information and Social Security numbers were compromised.
What are the preventive measures taken?
“We sincerely regret any inconvenience or concern caused by this incident. We are committed to protecting your information and maintaining your trust and confidence,” Evite concluded.