Rex Mundi reveals large number of client details after payday lender AmeriCash will not fork over ransom
Hacker team Rex Mundi has made good on its promise to write a large number of loan-applicant records it swiped from AmeriCash Advance following the payday lender refused to fork over between $15,000 and $20,000 as an extortion cost -- or, in Rex Mundi's terms, an "idiot taxation."
The team announced on June 15 it was in a position to take AmeriCash's consumer data considering that the business had kept a private web page unsecured on certainly one of its servers. "these pages enables its affiliates to observe how loan that is many they recruited and exactly how much cash they made," in accordance with the group's post on dpaste.com. "not merely ended up being these pages unsecured, it absolutely was actually referenced inside their robots.txt file (bad, bad move, dudes)."
Rex Mundi not merely utilized the post to chastise AmeriCash for purported data that are lackluster, in addition took a swipe during the organization's business structure, criticizing it for focusing on low-income workers with "vastly overpriced" loans. AmeriCash's APRs (annual portion prices) are priced between 353 per cent on as much as 1,368 %.
Rex Mundi is not the very first hacker team to claim the ethical high ground whenever choosing goals. Friends called UGNazi leaked and removed consumer information stolen from on the web payment service provider WHMCS month that is last accusing the business of supplying solutions to known scammers. Additionally final thirty days, a group called The Unknowns revealed it had been exposing protection holes into the IT systems of prominent companies such as for example NASA and branches regarding the U.S. army to force them to enhance their defenses.
Nonetheless, unlike the groups that are aforementioned, state, Anonymous, Rex Mundi has acknowledged that cash is a motivator. "We
The declaration proceeded to express that AmeriCash notified those that was in fact impacted and warned them become vigilant, given that taken data could possibly be utilized in phishing assaults.