Bell Canada Hacked by NullCrew


Related Links

Related Stories

  • NullCrew hacks MoD – leaks thousands of plaintext credentials
    NullCrew remembered the 5th of November by breaking into and stealing and dumping more than 3400 email addresses and passwords. While the date of the breach cannot be verified, it does look as if it happened on the Guy Fawkes anniversary.
  • NullCrew dumps DoD and MasterCard data
    The NullCrew hacking group is continuing its recently announced campaign – F the System – against governments and big business. Its latest ezine dumps data apparently taken from a DoD site,, NSA, Mastercard and BB&T.
  • NullCrew continues its hacking spree with a new international operation
    NullCrew is a hacking team that bears some similarities to the defunct LulzSec: it has sympathy with Anonymous, but is separate from Anonymous. It does, however, operate with none of the taunting flamboyance that probably led to the downfall of LulzSec.
  • NullCrew: the principled hacker group?
    In a wide-ranging interview broadcast over online Spreaker radio but conducted probably via IRC, UK Anon Winston Smith has been talking to Null, the leader of the NullCrew hacking group.
  • Group claims credit for hack into Yale's network
    The group NullCrew has claimed that it hacked into Yale University’s network and stole user names, passwords, social security numbers, addresses, and phone numbers of 1,200 students and staff.

Top 5 Stories


Bell Canada Hacked by NullCrew

03 February 2014

Bell Canada announced Sunday that "22,421 user names and passwords and 5 valid credit card numbers of Bell small-business customers were posted on the Internet this weekend." It claims that it was not directly breached, but that the "posting results from illegal hacking of an Ottawa-based third-party supplier." But there's more to the story.

NullCrew, a hacking group that has been relatively quiet for some time (in late 2012 it dumped data stolen from a DoD site,, NSA, Mastercard and BB&T) has returned. On 10 January it announced, "We have hidden ourselves for far to long, and it's time to show these fucktards that we're still here." Five days later, 15 January, it tweeted, "Successful day hacking internet service providers is successful."

It is now thought that this was the first reference to what followed. On 31 January NullCrew tweeted, "Re-tweet for a rather large leak on a Canadian ISP. #NullCrew and it begins!" Two days later Bell released its statement confirming that it had lost at least 22,421 user names and passwords, but denying that it had been hacked.

Databreaches contacted NullCrew to learn more. NullCrew provided a screenshot of a chat it had with Bell Support "weeks ago" where it informed Bell of the breach. Derek (Bell support) said, "Bell Internet service is a secured one." The hacker responded, "If that's true, why do I have access to several.. and I mean SEVERAL user accounts."

The lack of any response from Bell could be taken as the support engineer assuming it was a prank call. But NullCrew went further. "I informed them they didn’t have much time, and the world would soon see their failure," the hacker told Databreaches. "Their response was exactly what you see in their article, bullshit. “Bell Internet is a secure service.” They did not even say they would look into it, they did not try and assess the exploit.. it was up, for two weeks. And only taken down after we released our data."

The domain concerned is At the time of writing this report the domain is unavailable. Bell says the server concerned belongs not to Bell, but to a third party provider (which it did not name). Databreaches tweeted, "The IP for the subdomain in question is registered to Magma Communications." 

NullCrew is suggesting that this is just the beginning of its campaign. "NullCrew is far from done, we want to make it evident that just because we lurked in the shadows; it does not mean we left. That we are here to stay. Simply put? Stay tuned," it told Databreaches. The question now is whether it managed to traverse from the third party supplier to Bell's own servers.

This article is featured in:
Data Loss  •  Internet and Network Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×