Skip to Content
Security & privacy

Extortion group threatens to release sensitive 9/11 documents

The 9/11 terrorist attack of 2001 remains the most traumatic, if not the most controversial, event in U.S. history. Nearly 3,000 people died and more than 6,000 were injured when terrorists hijacked planes that crashed into the World Trade Center, the Pentagon and near Shanksville, Pa.

And like any watershed moment, perhaps rivaled only by the Kennedy assassination, endless conspiracy theories and “truther” stories surround the tragic event to this day.

With tons of classified information still locked away in congressional vaults for years, the full picture may remain forever out of the public’s hands. With rumors and half-baked truths, what do we really know?

But lo and behold, in a shady extortion attempt, a hacker group claims to hold the answers to the burning questions that still surround the 9/11 attacks.

Is the truth about the 9/11 attacks out there?

The Dark Overlord, the hacking group believed to be responsible for the massive health data hack of 2016 and the Netflix “Orange is the New Black” extortion scam, is at it again.

This time, it said it was welcoming 2019 with “open arms” by threatening to publicly release a huge cache of secret documents related to the 9/11 attacks unless their ransom demands are met.

In a Pastebin post, the hacking group claimed to have breached Hiscox Syndicates Ltd., Lloyds of London and Silverstein Properties, insurance firms that have handled 9/11 related cases and even insured the World Trade Center itself.

“Hiscox Syndicates Ltd and Lloyds of London are some of the biggest insurers on the planet insuring everything from the smallest policies to some of the largest policies on the planet, and who even insured structures such as the World Trade Centers,” The Dark Overlord’s announcement stated.

The group revealed that its 10GB cache of stolen information includes:

  • emails
  • retainer agreements
  • non-disclosure agreements
  • settlements
  • litigation strategies
  • liability analysis
  • defense formations
  • a collection of expert witness testimonies
  • testimonies
  • communications with government officials in countries all over the world
  • voice mails
  • dealings with the FBI, USDOJ, DOD
  • confidential communications

The group said that the breached law firm associated with Hiscox, in particular, has already paid the initial ransom demand but then broke their agreement by reporting the incident to law enforcement.

Now, the group is threatening to release the decryption keys to the cache of files unless the company pays a second ransom demand in bitcoin.

It’s still unknown how much of this data is related to the 9/11 attacks but the group recently tweeted that they will be “providing many answers about 9.11 conspiracies.”

Note: The Dark Overlord’s Twitter account has been suspended but you can view its archived tweets via the Wayback Machine.

Data breach confirmed

A spokesperson for the Hiscox Group has confirmed to Motherboard that there indeed was a data breach but it did not affect them directly, but rather, it involved a U.S. law firm that advised the company on its U.S. commercial liability insurance claims, including cases that involve the 9/11 attacks.

According to the spokesperson, the law firm’s systems were not connected to Hiscox’s IT infrastructure and the breach did not directly affect the company’s own systems.

The data breach itself appears to have occurred way back in April and Hiscox has already informed its policyholders and law enforcement about the incident.

Stolen data is being shopped around

Despite Hiscox’s denials, The Dark Overlord’s extortion efforts continue. In fact, the group is claiming that it is peddling the stolen data on the Dark Web to willing buyers.

And aside from the big insurance companies, the group is also threatening smaller litigation and property management firms – essentially any company or individual that was involved in 9/11 cases – with the public release of their sensitive documents unless they pay up.

It is a shotgun approach, for sure, but it looks like the group is looking to profit handsomely from this data breach, by hook or by crook. The legitimacy of the data, however, remains to be seen.

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me