ICLearns hackers broke into the unencrypted web protocol and obtained the passwords of millions of customers in the United States and other countries, a security company has said.
ICL, a music streaming service, said the hackers breached the SSL protocol used to secure internet connections in order to steal the login credentials of customers, including those of celebrities, politicians and other influential individuals.
ICM Partners, which helps businesses manage their digital footprints, said on Monday that it has found the attackers accessed the credentials of a user in the US and a number of other countries.
The hackers have not been identified.
ICloud, the world’s biggest music streaming company, has been battling the hackers for months, claiming that it lost customers’ login credentials and passwords after the hackers made the jump from a software vulnerability to a code injection.
The company is still struggling to recover its data.
IClease, a rival of IClearns, said that it also discovered a backdoor in the SSL/TLS protocol used in the internet that allowed the hackers to compromise customers’ computer systems.
The two companies did not disclose the number of customers whose passwords were compromised.
IClearns said in a blog post that it had found the backdoor after it was used to log in to the accounts of hundreds of thousands of its customers and gain control of their accounts.
IClauthority, a cybersecurity company that specializes in securing internet connections, said in an advisory that IClawn hackers had accessed the SSL network of IClearners.
The breach came as the industry is battling a wave of ransomware attacks that have seen victims pay hackers up to $100,000 to decrypt their files and steal their money.
The companies said the ransomware attacks on banks, credit card companies and other financial institutions have hit US and UK banks hardest.