Two Usenet major providers have shut down their websites due to a breach at a partner company that has exposed customers to fraud and identity theft.
While both UseNeXT and Usenet.nl have blamed “a security vulnerability at a partner company,” neither named the supposed culprit used to carry out the attack. It is yet to be identified if the breach happened at the client-side desktop end or on the server side.
According to a prepared statement by both providers, the interlopers were able to access account holders’ information including names, billing addresses, banking details, and other data shared by users during the account creation process.
Usenet is a decentralized and secured network of servers and clients which facilitates the connection between different users virtually in “newsgroups”.
These are one of the oldest methods of sharing data and are still used to share data, pirated software, movies, TV shows, etc, as using Usenet for sharing data means it largely flows undetected.
Since most of the modern free Usenet offerings only provide slow access speeds, both UseNeXT and Usenet.nl offer a faster paid service and are considered among the few high-profile suppliers.
“Unauthorized persons have accessed our infrastructure via a security hole in a partner company. We are currently analyzing what damage may have occurred. For security reasons, all systems are currently offline,” UseNeXT’s statement read.
Both companies have warned users to update their passwords as soon as the sites return, and review their accounts for any unauthorized usage. Users have also been asked to monitor their bank statements for any fraudulent charges.