Slickwraps Breach - February 2020

Slickwraps Breach

Slickwraps is a company that sells skins for multiple technological devices, including phones, laptops, tablets, and gaming consoles.

What Was the Breach?

The breach was the product of a research program. There are massive amounts of security researchers, also known as white hat hackers, that go through various websites and see how easy it is to hack into them. When Bleeping Computer asked this hacker why they didn’t alert Slickwraps as soon as they penetrated the system, they said, “As a white hat, we want to see how far we can go so we can generate a full report. No point in doing research and reporting the first vulnerability when there’s still 10 others.”

How Did the Breach Occur?

This breach occurred when a security researcher known as Lynx gained access to the company’s internal systems. They contacted Slickwraps and waited; they never received any response, so they disclosed the method of the breach and revealed what information was accessed. While Lynx’s reporting methods leave something to be desired, it appears negligence exposure was the goal.

When Did This Breach Occur?

This breach occurred in February 2020.

Who Does the Breach Impact?

The breach has impacted anyone that received a strange email that started with "If you're reading this, it's too late. We have your data." The email went on to explain– somewhat comically– that the people sending the emails out wanted nothing to do with the victims' data; they wanted to alert the victims to the breach so they could be aware and remain safe and cautious.

How Many Files Does the Breach Affect?

The breach affected over 300,000 people, as shown in the email. “We’re just using 377,428 emails from their (referring to Skinwraps) customer database to send this mass email (that’s bad!).”

 

Recent Breaches

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address
Close