Should i be worried?

t_hedlundt_hedlund Registered Users Posts: 22 Big grins

Received this today in my e-mail.

Is there anywhere that I need to forward this e-mail to?

I'm sorry if there are already instructions with dealing with this, I didn't have the time to do any research into this.

Thank you!

Your Databases Has Been ExtractedYour Site Has Been Hacked


We have hacked your website https://www.tomhedlund.com and extracted y0ur databases.

How did this happen?

0ur team has f0und a vulnerability within y0ur site that we were able t0 expl0it. After finding the vulnerability we were able t0 get your database credentials and extract your entire database and m0ve the information t0 an 0ffsh0re server.

What d0es this mean?

We will systematically g0 thr0ugh a series of steps 0f totally damaging y0ur reputation. First your database will be leaked 0r s0ld to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails f0und they will be e-mailed that their inf0rmati0n has been sold or leaked and y0ur site https://www.tomhedlund.com was at fault thusly damaging y0ur reputati0n and having angry customers/ass0ciates with whatever angry cust0mers/ass0ciates d0. Lastly any links that you have indexed in the search engines will be de-indexed based 0ff 0f blackhat techniques that we used in the past t0 de-index our targets.

H0w d0 i st0p this?

We are willing to refrain from destr0ying your site’s reputati0n f0r a small fee. The current fee is $3000 in bitcoins (0.15 BTC).

Please send the bitcoin t0 the foll0wing Bitcoin address (C0py and paste as it is case sensitive):


0nce you have paid we will automatically get informed that it was your payment. Please n0te that y0u have to make payment within 3 days after opening this e-mail 0r the database leak, e-mails dispatched, and de-index 0f your site WiLL start!

How do i get Bitcoins?

You can easily buy bitcoins via several websites 0r even 0ffline fr0m a Bitcoin-ATM.

What if i d0n’t pay?

if y0u decide not t0 pay, we will start the attack at the indicated date and uphold it until y0u do, there’s no c0unter measure t0 this, y0u will only end up wasting more money trying t0 find a soluti0n. We will completely destroy your reputation am0ngst g0ogle and y0ur customers.

This is n0t a h0ax, d0 n0t reply t0 this email, don’t try t0 reas0n 0r neg0tiate, we will not read any replies. 0nce you have paid we will stop what we were doing and y0u will never hear fr0m us again!

Please n0te that Bitcoin is anonymous and n0 0ne will find out that y0u have complied. Finally d0n't reply as this email is unm0nit0red.


  • Options
    RichardRichard Administrators, Vanilla Admin Posts: 19,932 moderator

    I suggest you contact SmugMug support: help@Smugmug.com

  • Options
    rainforest1155rainforest1155 Registered Users Posts: 4,566 Major grins

    Hi Tom,
    If you haven't contacted us at our HelpDesk yet, the email you received is very likely just a scam trying to get you into sending money. It's a common scheme for people using custom domains and I've personally received such email (if not the exact same) in the past. With a custom domain, it's easy to guess a valid email address and receiving the email doesn't proof that anyone has hacked into any part of your domain.

    If you have further questions on this, I would recommend that you contact us on our HelpDesk as Richard suggested so we could take a closer look.

    SmugMug Support Hero
Sign In or Register to comment.