Fidelity Bank hacked and blackmailed

A group of hackers that calls itself “Hack for Trump” has hacked the website of Fidelity Group and threatened it would make the stolen data public unless Fidelity pays $30,000.

Fidelity has advised customers that it has temporarily taken its website offline.

In an email sent to the Cayman Compass this week, the group said it hacked the website of Fidelity Group and detailed information on what kind of data was obtained.

“We did not get access to their customers’ financial data, but we managed to dump three databases serving their main website. This data contains various confidential details about the bank, as well as hundreds of emails sent by prospective and existing customers, both local and foreign ones,” the hacking group’s email said.

Fidelity said in a press statement Thursday that the bank’s websites are hosted by a third party vendor and only used for marketing and general customer inquiries.

The bank said the potential exposure is very minor.  

“Fidelity has analyzed the websites that were reportedly hacked and they hold minimal client information,” the bank said. “While the bank understands that there is the potential that a very small number of customers may have emailed the bank via the website, as mentioned above, given that the server accessed was the bank’s vendor’s server the potential exposure is very minor.”

According to Fidelity, only the webserver at one of its vendor’s locations was compromised and none of the secure servers that host client and banking information were impacted by the hack.

Customer logins or other security details had also not been affected.

Fidelity said it had not accepted the blackmail demand, reported the matter to the police and taken during the past week “all reasonable steps to ensure that client data has not been compromised.”  

“We will continue to monitor our own servers and will continue to ensure that appropriate internet security measures are in place. In the meantime, we urge our customers to be extra vigilant and to call our customer service department in case of doubt.”

In its email to the Compass the hackers said, “We demanded $30K from Fidelity Group, payable before Friday Sept. 18th in exchange for not posting their databases on the Internet.”

“If Fidelity does pay us, we plan on using those funds to help Donald Trump get elected to the White House, as he is the only candidate who can restore America to its former glory,” the message stated.

The content of the email, which contained three screenshots, was posted on the website Pastebin on Thursday. The screenshots showed the names of the four website databases, the structure of a table within one database and two anonymized customer email enquiries about the possibilities to open an account by a Florida resident and the process for moving a pension account by a customer leaving the island.

No data has yet been published.



  1. I don’t like the statement from Fidelity that ”We will continue to monitor our own servers and will continue to ensure that appropriate internet security measures are in place”.

    Fidelity need not distance itself from their third party vendors as the responsibility to secure client information is their responsibility irrespective of who is hosting the servers on their behalf.

    This needs to be clarified with the company ASAP.