Failed blackmail attempt prompts hackers to leak ocean of data belonging to major companies

Failed blackmail attempt prompts hackers to leak ocean of data belonging to major companies 1

A hacking group has published a trove of data belonging to Citycomp which appears to have exposed the data of customers, some of which are extremely well-known enterprise companies across the globe.

Citycomp is a German IT company which provides the IT backbone and infrastructure required by enterprise companies. Citycomp says it maintains over 70,000 services and storage systems, as well as providing support and maintenance services for peripherals including cash register systems and printers.

In a statement issued this week, the company said it was the victim of a “targeted” cyberattack in early April this year.

While the company said it was able to “successfully fend off” the “hacker attack” with the help of external cybersecurity experts and the State Criminal Police Office of Baden-Württemberg, it was not entirely successful — as customer data had already been stolen.

Coinbase 3

The threat actors identities are unknown. However, it appears the attack was simply about the money, as the hackers tried to force Citycomp to pay a blackmail fee on the threat of the data entering the public domain.

Citycomp did not comply and so customer data has been released.

TechRepublic: Why third-party providers pose a security risk to organizations

“Since Citycomp does not comply with blackmail the publication of customer data could not be prevented,” the IT provider says. “The stolen data has now been published by the perpetrators and Citycomp’s customers were informed about it.”

The leaked data has been posted to a .onion domain, which is not accessible in the “public” clear Internet. These domains can only be accessed through the Tor network.

On the website, the threat actor claims that “312,570 files in 51,025 folders and over 516GB of data” was stolen, including “financial and private information on all clients, include VAG, Ericsson, Leica, MAN, Toshiba, UniCredit, and British Telecom (BT).”

See also: DJI employee who leaked source code sent behind bars

Other Citycomp clients named in the data dump include ATOS, Grohe, Hugo Boss, Oracle, SAP, and Porsche, among others.

In the data dump, which was viewed by ZDNet, customer email addresses and telephone numbers, meetings reports, asset lists — such as servers and other equipment connected to a customer account — as well as some payroll records, project sheets, and accountancy statements were all available. 

Some clients were only connected to a handful of leaked documents, whereas other customer records were far more robust and extensive. The authenticity of the leaked data has not been verified at the time of writing.

The ProtonMail email address posted with the information leak is connected to a form of ransomware which encrypts files using the .snatch extension. The ransomware strain in question was discovered in December 2018.

CNET: Cybercriminals ramping up fraud attacks on social media, says report

The — or one — of the alleged hackers behind the campaign spoke to the Register, telling the publication that the data currently available online is only a sample of the whole and was published as Citycomp did not pay a $5,000 ransom demand.

ZDNet has reached out to clients which appear to have been involved in the breach, including BT, Oracle, Ericsson, Hugo Boss, and SAP. At the time of writing, none of the companies have responded to requests for comment. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Failed blackmail attempt prompts hackers to leak ocean of data belonging to major companies 2
blank
About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

blank

E-Crypto News Executive Interviews


blank

bitcoin
Bitcoin (BTC) $ 32,548.00
ethereum
Ethereum (ETH) $ 2,074.16
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 290.32
cardano
Cardano (ADA) $ 1.18
xrp
XRP (XRP) $ 0.598070
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.192609
polkadot
Polkadot (DOT) $ 12.94
binance-usd
Binance USD (BUSD) $ 1.00
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 32,548.00
ethereumEthereum (ETH)
$ 2,074.16
tetherTether (USDT)
$ 1.00
bitcoin-cashBitcoin Cash (BCH)
$ 445.80
litecoinLitecoin (LTC)
$ 120.53
bitcoinBitcoin (BTC)
27.651,97
ethereumEthereum (ETH)
1.762,15
tetherTether (USDT)
0,849575
bitcoin-cashBitcoin Cash (BCH)
378,74
litecoinLitecoin (LTC)
102,40
bitcoinBitcoin (BTC)
23,914.48
ethereumEthereum (ETH)
1,523.98
tetherTether (USDT)
0.734745
bitcoin-cashBitcoin Cash (BCH)
327.55
litecoinLitecoin (LTC)
88.56

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021
blank
What Role Do Cryptocurrencies Play In The Era Of Ransomware Attacks?
June 9, 2021
Crypto Scams On The Rise As Market Enters Bull Cycle
Crypto Scams On The Rise As Market Enters Bull Cycle
December 22, 2020
Harpreet Singh Sahni perpetrated the Plus Gold Union Coin (PGUC) scam
Sydney Concert Promoter Harpreet Sahni Involved In $50M Crypto PGUC Scam
November 2, 2020
KuCoin hackers steal $150 million
KuCoin Exchange Hacked But Insurance Will Cover The Stolen $150M
September 29, 2020

Blockchain/Cryptocurrency Questions and Answers

Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021
Solana
What Is Solana (SOL) And How Does It Work?
June 26, 2021
blank
What Is Plethori Platform And How Does It Work?
June 12, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d

bitcoin
Bitcoin (BTC) $ 32,430.00
ethereum
Ethereum (ETH) $ 2,061.89
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 288.85
cardano
Cardano (ADA) $ 1.17
xrp
XRP (XRP) $ 0.593200
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.191466
polkadot
Polkadot (DOT) $ 12.73
binance-usd
Binance USD (BUSD) $ 1.00