The information stolen from the publishing company relates not only to the children but also to the teachers.
The perpetrator obtained more than four million email addresses belonging to customers from the publishing company’s systems. Yevgeny Chabanov
In January, a data breach occurred at the US publishing company Scholastic. Along with other popular children’s books, Scholastic has also published JK Rowling’s Harry Potter books in the US.
Information technology publication The Register says that the data breach was carried out by a person known by the username Parasocial.
According to The Register, Parasocial has described itself as a representative of the turri subculture. However, he says By The Daily Dot in the interview also that he has nothing to do of other turd hackers with.
Parasocial gained access to Scholastic’s systems using the login credentials of an employee at the publishing company. They had been stolen by injecting malware onto the employee’s device.
After getting into Scholastic’s system, Parasocial obtained more than four million email addresses belonging to customers. There were also customers’ names and addresses in connection with the part.
Parasocial also tells The Daily Dot that it could have grabbed even more information. However, Scholastic’s server had its limits for downloading information.
According to The Daily Dot, you can register on Scholastic’s website as a parent, teacher or school principal.
For those registering as a parent, the publishing house’s website suggests stating the child’s full name. Teachers, on the other hand, must indicate the school where they work.
Parasocial therefore got hold of information about both children and people who interact closely with them.
However, he does not intend to do anything with the information he receives, nor does he intend to publish it for others to use.
According to an interview with The Daily Dot, the motive for breaking into Scholastic was simply boredom. In an interview, Parasocial also disapproves of Scholastic’s poor data security.
“Here is something that needs to be learned the hard way. Don’t trouble your customers because of security issues, use two-factor authentication,” Parasocial tells The Daily Dot.
Scholastic has not publicly acknowledged the data breach. Its representative commented on the matter to The Register, saying that the company is currently investigating whether its systems were actually hacked.