A scammer group is trying to extort victims of a large hack in late September on crowdfunding site Patreon. Cartoonist Steve Streza was notified by the tricksters that they would leak his “tax id, tax form, SSN” plus “credit card details and more sensitive data” if he did not fork over one bitcoin ($324) in 48 hours time. Not doing so would “create a lot of problems for you,” the opportunists warned.
— Steve Streza (@SteveStreza) November 21, 2015
According to reports, roughly 15GB of data was stolen during the hack on Patreon. Information included e-mail addresses and donation records, but not socials, credit card numbers or other personal info. In a message to users, Patreon CEO Jack Conte said the scammers' claims to having more sensitive data were “false” and that “tax forms we store are securely encrypted with RSA 2048-bit encryption, and we do not store full credit card numbers.”
Recipients of the email are urged to flag it as spam and ignore any future threats. It goes without saying, but don’t send the extortionists any bitcoins, or digital currency. Not that anyone is actually falling for it. A search of the sender’s wallet address shows only three transactions totaling a comical 0.0001312 BTC, or about four cents.
Similar extortion attempts were made following the Ashley Madison hack. According to CSO, the same group (DD4BC) is behind both scams. The difference is that the previous campaign — with threats to expose sexscapades — seemed to be working and netted them close to $20,000 before it was stopped.