Cyber Incident Victim: Fax Express
Date:
Dec 2020
Location:
United States of America
Summary
A hacked database belonging to Fax Express, an office equipment supply store based in Ocean County, New Jersey, exposed approximately 560,000 compromised usernames and dehashed passwords linked to the domain shredderstoo[.]com. The breach was identified as part of a larger compromise involving Cit0Day, a hacker platform hosting over 13 billion records across 23,000 databases, which itself appeared breached shortly before the company's data was advertised on forums. Though the leaked credentials were not highly sensitive, they posed risks of credential reuse attacks, particularly threatening New Jersey organizations since the company’s clientele primarily consisted of business owners and office equipment purchasers.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 10, 2020, the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) reported a data breach involving Fax Express, an Ocean County-based office equipment supply store. A database associated with the domain shredderstoo[.]com, assessed to belong to Fax Express, was compromised and publicly exposed. The breach exposed approximately 560,000 usernames and passwords that had been dehashed, rendering them usable in plaintext form. Though the data did not include highly sensitive categories like financial or health records, the credentials posed significant risks due to potential reuse across multiple accounts. The compromised database was identified as part of a larger cache of stolen data linked to Cit0Day, a hacker platform offering paid access to aggregated credential collections.
The exposed Fax Express data appeared on hacker forums shortly after Cit0Day itself suffered an intrusion, suggesting secondary dissemination of its stored datasets. Cit0Day’s repository contained approximately 23,000 breached databases collectively housing over 13 billion user records, with Fax Express representing one compromised entity within this trove. Threat actors could exploit the credentials to target business accounts, particularly since Fax Express primarily served organizational clients purchasing office equipment. This elevated risks for New Jersey businesses, as compromised passwords reused across corporate systems might enable further network intrusions. No specific containment measures or organizational responses from Fax Express were detailed in available reporting at the time of the NJCCIC disclosure.