Data and backup files lost in attack

UPDATE The creator of VFEmail has announced that the service will “likely not return” as a result of the hack.

“Yes, @VFEmail is effectively gone. It will likely not return,” @Havokmon tweeted today. “I never thought anyone would care about my labor of love so much that they’d want to completely and thoroughly destroy it.”





VFEmail, a security-focused email provider, has been subject to a “catastrophic” attack that resulted in the loss of all data and backup files for some users.

The company announced on Twitter last night that a remote attack by an unidentified hacker has reformatted and wiped data across all of its US servers.

“This is not looking good,” the company tweeted. “All externally facing systems, of differing OS’s and remote authentication, in multiple data centers are down.”

It added: “At this time, the attacker has formatted all the disks on every server. Every VM is lost. Every file server is lost, every backup server is lost.”

A statement posted to its website gave more details. It also pointed to an IP address which appears to be registered in Bulgaria.

While it isn’t yet clear how the attacker gained access to the systems, VFEmail posted evidence of the code used to reformat its backup servers.

VFEmail also noted that staff are working on restoring “one file server caught during formatting”, but that most of the infrastructure is “lost”.

The website is now back up and running, but a number of its subdomains remain offline.

This isn’t the first time the company, which offers both free and paid-for services, has been attacked.

In 2015, an online group known as the ‘Armada Collective’ launched a DDoS attack on VFEmail after it refused to pay a ransom.

It was one of multiple email providers to have been targeted by the group, which also attacked ProtonMail, Hushmail, and Runbox.

This story has been updated to include comments from VFEmail’s founder.