Extortionist hacks IT provider used by the stars of tech and big biz, leaks customer info after ransom goes unpaid
A service provider hired by the likes of Oracle, SAP, BT, and many others, to manage their IT systems has been hacked – and its client data held to ransom.
At the turn of this month, Germany-based CityComp was broken into by a miscreant, who pinched troves of private information from its customer database and threatened to publicly reveal all that stolen data unless a ransom was coughed up.
The hacker, going by the name Boris, has said that right now a partial sample of the swiped info is available to download from a Tor-hidden dark web site, and because the ransom was not paid by CityComp, the full archives are set to be released today. Boris claimed the price was $5,000, though CityComp disputes this and says it was more than that.
CityComp boasts it looks after "more than 70,000 servers and storage systems of all types and sizes in up to 75 countries. In addition, we provide support for more than 500,000 client hardware (PC, workstation, printer, cash register)."
In other words, it's hired to install, maintain, repair, and remove IT equipment for scores of companies, ranging from Oracle, SAP, BT, Toshiba, VW and Airbus to Porsche, Hugo Boss, Ericsson and ATOS.
According to sources who have seen the partially leaked information, the data so far includes things like contact information for CityComp's customers – such as names, email addresses and phone numbers – notes of meetings with clients, and IT equipment inventories, such as model numbers, specifications, and serial numbers. How much is available to download depends on the victim: some have a few spreadsheets of contact details leaked, and some have what's said to be long lists of installed computer gear and other documentation.
This information could be useful to criminals seeking any inside information to pull off targeted cyber-attacks against certain corporations. We're not talking direct identity theft, here.
According to Boris, "312,570 files in 51,025 folders, over 516 Gb data financial and private information on all clients, include VAG, Ericsson, Leica, MAN, Toshiba, UniCredit, British Telecom and etc," was stolen from the German service provider.
Industry: Cyber Security News
- Security infrastructure Engineer - Firewall | IDS | NAC | Cloud. Exclusive project, £75,000+
- United Kingdom
Security infrastructure Engineer - Firewall | IDS | NAC | Cloud. Exclusive project DCL Search exclusive Identifier Project. To join a financial services business. Key hire to be part of / influence the cyber security capability and direction within the business. Hands on experience managing / monitoring / upgrading / implementing / using the following; · Firewalls: SonicWall and or Palo Alto · NAC: Cisco OR Macmon · WAF | CASB | MDM Experience with SIEM monitoring / vulnerability analysis also highly desirable. MUST have current hands on experience with vulnerability management tooling and best practice. Current Financial services is a nice to have. Learn new skills working within a collaborative team. Grow as a security professional.
- Outside IR 35 CONTRACT SC CLEARED Cyber Security Operations Analyst SPLUNK ES- UK REMOTE- £500 a day.
6 month contract Outside IR35 Operational Cyber Security Analyst. Hands on Splunk Security Enterprise and Security clearance is required As is someone that holds SC clearance. SOC and Vulnerability management experience. Vulnerability Analysis / Management - Tenable
- SOC Manager Security Operations. SIEM, Threat / Vulnerability, IR, SOC Service- Exclusive
- United Kingdom
SOC Manager- SIEM, Threat / Vulnerability, Incident response. Exclusive Project. Management and on growth growth of Security Operations Centre capability. Managing and maturing the team, technical services line and fronting client engagements where needed. An in-depth technical background is essential, experience across SOC SIEM/ Threat Hunting (IR) tools, processes, techniques, operational is a MUST. The role will include, but not limited to; evolving the technical process, building operational capability, managing and hiring team, involved at a high level overviewing policy/playbooks, fine turning of the go-to-market collateral etc.
- Contact 12 month- Security Operations- Tanium Engineer / Analyst.
- United Kingdom
- Dependent on experience
Security Operations engineer / Analyst with Tanium for a 12 month contract. Experience configuring using, managing, supporting troubleshooting Tanium's suite of end point solutions is essential. The opportunity is due to a client expanding its international capability to a follow the sun model. To be involved in spinning up a European capability. Based in the UK. English essential and ideally being fluent in French.