Security News > 2021 > August > Nokia subsidiary discloses data breach after Conti ransomware attack
Image: Kabiur Rahman Riyad. SAC Wireless, a US-based Nokia subsidiary, has disclosed a data breach following a ransomware attack where Conti operators were able to successfully breach its network, steal data, and encrypt systems.
Attack detected after Conti ransomware encrypted systems.
The Nokia subsidiary found that personal information belonging to current and former employees was also stolen during the ransomware attack on August 13, following a forensic investigation conducted with the help of external cyber security experts.
"The threat actor, Conti, gained access to the SAC systems, uploaded files to its cloud storage, and then, on June 16, deployed ransomware to encrypt the files on SAC systems," SAC says in data breach notification letters sent to an undisclosed number of impacted individuals.
While the company refused to acknowledge the ransomware attack and did not provide more info on the extent of the damage, the Conti ransomware gang revealed on their leak site that they stole over 250 GB of data.
According to a recent update, the ransomware group will soon leak all the stolen files online if the Nokia subsidiary doesn't pay the ransom they demanded.
News URL
Related news
- Insomniac Games alerts employees hit by ransomware data breach (source)
- Black Basta, Bl00dy ransomware gangs join ScreenConnect attacks (source)
- FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks (source)
- FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks (source)
- LockBit ransomware returns to attacks with new encryptors, servers (source)
- 20 million Cutout.Pro user records leaked on data breach forum (source)
- Golden Corral restaurant chain data breach impacts 183,000 people (source)
- American Express credit cards exposed in vendor data breach (source)
- American Express credit cards exposed in third-party data breach (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)