A hacking group going by the name Amn3s1a Team has revealed some data which shows that they might have hacked the mega.nz servers. The group dumped the data they claim to have gotten from the hack online.
The Mega Chairman, Stephen Hall, released a statement in which he confirmed that there had been an incident about the servers for the company but noted that there had not been any user data which was compromised as a result.
Hall claims that the hackers had managed to use some of the login credentials which were given to one of the contractors of the company. The contractors have been working on maintaining the company’s blog and its help center. The company confirmed that the contractor’s computer had been used and they had used their login credentials to enter the Mega servers.
The hackers are said to have dumped the initial part of the data in a Pastebin file which had all the administration logins for some Mega employees. The hackers then published a second file on Pastebin which also had the link to most of the data which was on the Mega server, and strangely, the data was being hosted on the Mega.nz servers itself. The second data dump seemed to have in it one of the Mega’s CMSs and also included some data exchange which had happened Kim Dotcom and one of the employees at the company.
The hacking group responsible for the attack said that they had also managed to steal about 2 GB of code from the company. Some of the code which they had stolen included the source code for Mega Chat, which is the browser based chat that the company offers and uses. The group also said that they were auctioning the rest of the data that they had to the highest bidder for 0.6 bitcoins, a figure which loosely translates to $445.
In the statement that Hall put out, he downplayed the value of the source code that the hackers had in their hands but confirmed that they had stolen it. He said that the hackers might have accessed the development version of the source code, but MEGA already actively published these source codes as a part of their push for transparency. He also noted that the company had already taken back the breached system and the Mega blog and help center was going to be restored in no time.