“(E)ach time a Layer is opened, a new wave of liability will fall upon you,” says an extortion note from the prolific hacker ‘Dark Overlord,’ who now claims to possess sensitive records relating to the 9-11 stolen from prominent insurance and legal firms, Motherboard reports.
The hacker posted a note on Pastebin, an online repository for texts and code as well as stolen information, calling on victims to pay up or have records from Hiscox Syndicates Ltd, Lloyds of London, and Silverstein Properties exposed.
The note reads:
“Hiscox Syndicates Ltd and Lloyds of London are some of the biggest insurers on the planet insuring everything from the smallest policies to some of the largest policies on the planet, and who even insured structures such as the World Trade Centers.”
According to the Dark Overlord, the stolen documents contain revelatory information about the 9-11 attacks:
“We’ll be providing many answers about 9.11 conspiracies through our 18.000 secret documents leak.”
A spokesperson for Hiscox confirmed that a data breach had taken place at a related law firm and not at Hiscox itself:
“The law firm’s systems are not connected to Hiscox’s IT infrastructure and Hiscox’s own systems were unaffected by this incident. One of the cases the law firm handled for Hiscox and other insurers related to litigation arising from the events of 9/11, and we believe that information relating to this was stolen during that breach.”
Included in the extortion note is a link to a 10GB encrypted archive the Dark Overlord says contains the stolen files.
The hacker says he or she will decrypt the files in batches unless victims pay a ransom in bitcoins:
“Pay the fuck up, or we’re going to bury you with this. If you continue to fail us, we’ll escalate these releases by releasing the keys.”
The Dark Overlord is also reportedly selling the data on the Dark Net, and is contacting and attempting to blackmail individuals mentioned in the documents:
“If you’re one of the dozens of solicitor firms who was involved in the litigation, a politician who was involved in the case, a law enforcement agency who was involved in the investigations, a property management firm, an investment bank, a client of a client, a reference of a reference, a global insurer, or whoever else, you’re welcome to contact our e-mail below and make a request to formally have your documents and materials withdrawn from any eventual public release of the materials. However, you’ll be paying us.”
The Dark Overlord has achieved some notoriety in the past for several other hacks, including the theft and Dark Net publication of millions of medical records:
“48,000 records from a healthcare organisation in Farmington, Missouri; hundreds of thousands from Atlanta, Georgia, and the Central/Midwest US; 9 million apparent patient insurance details; and, on Tuesday, information on 34,000 supposed New York healthcare patients.”
The hacker even outlined his or her detailed media strategy for putting pressure on marks in a Motherboard story here.