Evite confirms that its customer data was stolen and put up for sale in the Dark Web

• Evite became aware of the incident on April 15, 2019, after Gnosticplayers published almost 10 million Evite user data on the Dark Web.
• Upon which, the e-invitations launched an extensive investigation and found out that the malicious activity started on February 22, 2019.

The E-invitations platform Evite has admitted that it suffered a data breach in February and the stolen user data was put up for sale in the Dream Market marketplace by the infamous hacker ‘Gnosticplayers’.

Evite has also provided additional details about the breach and the steps they’ve taken to remediate the incident in a security update.

The detailed picture

Evite became aware of the incident on April 15, 2019, after Gnosticplayers published almost 10 million Evite user data on the Dark Web, along with the user data from 5 other companies including Mindjolt, Wanelo, iCracked, Yanolja, and Moda Operandi.

Upon which, the e-invitations platform hired a leading data security firm and launched an extensive investigation. The investigation revealed malicious activity since February 22, 2019.

On May 14, 2019, Evite confirmed that an unauthorized third party gained access to an inactive data storage file that contained Evite user accounts prior to 2013.

What data was compromised?

The data storage file contained user data such as users’ names, usernames, email addresses, passwords, dates of birth, and phone numbers. However, no financial information and Social Security numbers were compromised.

What are the preventive measures taken?

• Upon learning the incident, Evite notified the law enforcement authorities about the breach.
• The social planning website is working closely with leading security experts to review its systems and address any vulnerabilities.
• It has implemented additional security measures to detect and prevent any unauthorized access.
• The e-invitations service has also requested its customers to review their accounts for any suspicious activity and reset their Evite passwords.

“We sincerely regret any inconvenience or concern caused by this incident. We are committed to protecting your information and maintaining your trust and confidence,” Evite concluded.