Gigabyte Allegedly Hit by AvosLocker Ransomware

2021-10-21 17:33

The AvosLocker ransomware gang is claiming that it breached tech giant Gigabyte, adding that it has leaked a sample of what it claims are files stolen from the Taiwanese company's network.

"Some of the leaked data calls into question how Gigabyte stores and uses data," the writeup suggested.

We were particularly surprised to find a vast amount of identifiable data about job applicants, including CVs and resumes, which normally include personal data like dates of birth, email addresses, and phone numbers."

"As a rule of thumb, companies should not hold onto candidates' data after the hiring process is over, and the Gigabyte data leak demonstrates why, as this information can fall into the wrong hands. For this reason, the EU has a GDPR law that requires companies to delete data like this."

It's not the first ransomware gang to pull this stunt, which is meant to add yet another thumbscrew to the double-extortion gambit of not only freezing victims' systems but also threatening to publish stolen data if they don't pay up.

"[It's] simply not true," he said, and that's evidenced by the fact that large amounts of unimportant data from hundreds of companies get dumped on shame blogs of ransomware groups such as SunCrypt or LockBit.

News URL

https://threatpost.com/gigabyte-avoslocker-ransomware-gang/175642/

#ransomware

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Gigabyte		11	0	1	4	5	10