Cyber Incident Victim: Faithless
Date:
Sep 2015
Location:
United Kingdom
Summary
A British band's website was compromised via an SQL injection attack, resulting in the theft of personal data belonging to approximately 18,000 fans, including email addresses and passwords. The stolen information appeared for sale on the Dark Web, exposing affected individuals to potential phishing schemes and fraud through spoofed communications leveraging their musical interests. Security researchers identified the breach after detecting the database being marketed illicitly and alerted the website operators, who addressed the vulnerability but did not notify users of the incident. This attack underscores broader cybersecurity risks facing the music industry, where trusted artist-fan relationships are exploited to facilitate data theft and subsequent criminal activity, mirroring prior breaches targeting prominent musicians and entertainment companies.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In September 2015, cybersecurity firm CyberInt detected a breach affecting approximately 18,000 users of the British dance band Faithless's official website, faithless.co.uk. The intrusion occurred when attackers exploited a vulnerability using an SQL injection attack, a common technique allowing unauthorized database access, to upload a single piece of malware onto the site. CyberInt identified the compromise through its real-time threat intelligence systems while monitoring underground forums, discovering that a database containing Faithless fan data was being offered for sale on the Dark Web. The security firm alerted the band’s management about the breach, though no public disclosure was made at that time. The stolen data included personal email addresses and passwords used by fans to access the website. CyberInt confirmed the incident publicly in January 2016, noting that while the band appeared to have addressed the technical vulnerability, affected users remained unaware their information had been compromised. Faithless’s management did not respond to media requests for comment regarding the breach or their remediation efforts.
The compromised data posed significant risks to victims, as cybercriminals could leverage email addresses and details about musical preferences to craft targeted phishing campaigns. Fraudsters might send spoofed emails containing malicious attachments or links to fake websites designed to harvest additional personal information or gain control of victims’ devices. CyberInt warned that the stolen records, though likely sold for only a few hundred dollars on the Dark Web, could enable far greater financial losses for individual fans. The incident highlighted broader security concerns within the music industry, which CyberInt described as increasingly attractive to attackers due to the trusted relationships between artists and fans. Historical precedents included repeated breaches at Sony Music and attacks targeting websites of artists like Lady Gaga and Jessie J. The Faithless hack occurred amid a wave of high-profile breaches affecting organizations such as the BBC, Wetherspoon pub chain, TalkTalk, and Ashley Madison, underscoring systemic vulnerabilities across multiple sectors.