Hacker steals 1 million Cock.li user records in webmail data breach www.bleepingcomputer.com/news/secu…

Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over a million user records.

The incident exposed all users who had logged in to the mail service since 2016, estimated at 1,023,800 people, along with contact entries for an additional 93,000 users.

Cock.li is a Germany-based free email hosting provider with a privacy-focused ethos and lax moderation policies, run by a single operator known as ‘Vincent Canfield’ since 2013.