Two companies providing Usenet services have revealed security breaches today. The two companies, UseNeXT and Usenet.nl, report that the breaches are due to "a security vulnerability of a partner company."
Neither UseNeXT nor Usenet.nl mentioned which company the software allowed to invade, so it is unclear whether they are referring to a client that allows connection to Usenet or to a server.
Both network service providers have closed their websites to investigate the breach.
According to an almost identical message posted by both companies [1, 2], report that the attacker gained access to information such as names, billing addresses, payment details (IBAN and account numbers) and other information provided by users during the process of creating an account on the two sites.
Both companies provide a paid service that allows users to connect to the Usenet network.
This network is one of early forms of the Internet and forerunner of today 's world wide web. More specifically, it is a network of nodes through which users can share news or files and discuss, something like a modern bulletin board system.
The network is accessed through special applications and input nodes (providers). UseNeXT and Usenet.nl provide such a paid connection service for very high speed network access, as free access to Usenet is slow, infrequent and unsafe.
Following today's announcement of a breach, both UseNeXT and Usenet.nl are asking customers to change their account passwords as soon as their sites return to the Internet and to check all Usenet account settings for unauthorized changes.
Since their cards have been leaked both companies advise their customers to watch out for suspicious charges or strange movements in bank accounts.
Both companies also report that their customers are at risk for phishing attempts.