In August 2022, the online feces delivery service ShitExpress suffered a data breach that exposed 24,000 unique email addresses. The addresses spanned invoices, gift cards, promotions and PayPal records. The breach also exposed the IP and email addresses of senders, physical addresses of recipients and messages accompanying the delivery.
Of the accounts listed, approximately 1 UMBC account was indicated in this potential breach. The victim has been notified via their UMBC email. If you have an account with ShitExpress, please contact them to see if you have been affected by this breach.
More information on the ShitExpress breach (and subsequent extortion attempts) can be seen at an article from Bleeping Computer: https://www.bleepingcomputer.com/news/security/anonymous-poop-gifting-site-hacked-customers-exposed/
If you have any questions or concerns, please email us at security@umbc.edu. Information about this potential breach was provided to us by Have I Been Pwned (HIBP): https://haveibeenpwned.com.
Receive any suspicious emails?
Forward it to security@umbc.edu along with the email headers. For instructions, visit: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.
Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity.