For those unfamiliar with the tool , Rsync ( remote sync ) is commonly used by hosting providers , ISPs , and IT departments to backup data between servers . The ISP in question , KWIC Internet in Simcoe , Ontario , fixed Vulnerability-related.PatchVulnerability the Rsync problems after being notified Vulnerability-related.DiscoverVulnerability by Salted Hash , but it isn ’ t clear how long the company ’ s customers were exposed . Via email , Vickery shared his latest findings Vulnerability-related.DiscoverVulnerability with Salted Hash last week . [ Learn about top security certifications : Who they 're for , what they cost , and which you need . Initially , Vickery discovered databases belonging to Annex Business Media , a publishing firm with offices in Simcoe and Aurora , Ontario . One of the exposed Annex databases stood out to him , as it contained the data from the 2015 Ashley Madison data breach Attack.Databreach . The other databases contained customer information ( names , email addresses , etc . ) Salted Hash reached out to Annex Business Media and asked about the Ashley Madison records , as well as to inform them about the more recent security problems , but the company didn ’ t respond to questions . Additional digging led Vickery to discover that Annex was just one part of a larger data breach Attack.Databreach , one that affected all of KWIC Internet 's customers . “ I quickly realized that this one is going to be a real mess for someone to clean up and quite a headache to determine all the affected parties , ” Vickery told Salted Hash . In all , there were terabytes of KWIC data exposed by the breach Attack.Databreach . The information inside the leaked databases included credit card details , email addresses , passwords , names , home and business addresses , phone numbers , email backups , VPN details and credentials , internal KWIC backups , and more . The KWIC archives also included a common PHP shell named r57 , and a PHP-based DDoS tool , suggesting that the company had been hacked Attack.Databreach at some point prior to leaking their backups to the public . “ There are dozens of SQL database backup files and thousands of email backup directories containing everything from internal KWIC staff login credentials to police warrants for ISP subscriber information , ” Vickery said . Other customers exposed by the KWIC data breach Attack.Databreach include at least one law firm , Norfolk County ( norfolkcounty.ca ) , United Way ( unitedwayhn.on.ca ) , and Greenfield Dental Health Group ( greenfielddentistry.ca ) . In March of 2016 , Malwarebytes researcher Jérôme Segura discovered a KWIC customer , Norfolk General Hospital , had a compromised Joomla install that was being used to distribute Ransomware . When Segura reached out to contact the hospital about the incident , they didn ’ t respond right away because the notification was viewed as a sales pitch . KWIC thought a second Malwarebytes notification was a Phishing attack Attack.Phishing . There are a number of unknowns connected to this incident , including the root cause , the number of people and businesses affected , and again - the length of time the data remained exposed to the public . Other questions focus on the PHP shell scripts and DDoS tools , why were they there ? KWIC was contacted immediately after Salted Hash was informed about the data breach Attack.Databreach . It took multiple attempts , as the company does n't have phone support after 8:00 p.m. on weekdays , 3:00 p.m. on Saturdays ( they 're closed Sunday ) , but KWIC eventually responded via email . Twenty-four hours after being notified , the company stated the Rsync issues were fixed , However , they have n't answered any of the other follow-up questions asked by Salted Hash . On Tuesday , via email , the company said an audit was underway and affected customers would be notified once it is complete

Last spring , hackers got into Attack.Databreach the system at the ministry , which was then headed by now-Prime Minister Paolo Gentiloni , and the attacks Attack.Databreach carried on for more than four months but did not gain access Attack.Databreach to classified information , the paper said . “ The Italian government had already informed ( the paper ) of what it is reporting today , ” the source said in response to the article , noting that security had since been stepped up . “ These were not attacks on the encrypted computer system which carries the most important and sensitive information , but the email system for staff at the foreign ministry and embassies , ” the source said . Gentiloni , who took over as premier in December , was not affected by the attack , the Guardian quoted a government official as saying . He avoided using email when he was serving as foreign minister , the paper said . According to the Guardian , two people with knowledge of the attack said the Russian state was believed to have been behind it . The source close to the ministry could not confirm this . Cyber crime has come into sharp focus since United States intelligence agencies accused Russia of interfering in last year ’ s U.S. election . The Russian foreign ministry did not immediately respond to a request for comment on Friday ’ s report . The Kremlin has described allegations of Russian interference in the U.S. election as “ fabricated ” and “ a witch hunt ” . An Italian government source told Reuters this year that the foreign ministry had been hacked Attack.Databreach in the past and that Rome suspected the perpetrators were Russian , but that it is impossible to say with certainty where such attacks came from . Last month , an Italian brother and sister were arrested on suspicion of hacking Attack.Databreach into the emails of European Central Bank President Mario Draghi and thousands of others . The police chief who conducted the investigation said there was no evidence they had acted on behalf of foreign states