Ransomware gang publishes stolen victim data on the public Internet

2022-06-15 10:19

The Alphv ransomware group is trying out a new tactic to push companies to pay for their post-breach silence: a clearnet website with sensitive data about the employees and customers stolen from a victim organization.

Like some other ransomware gangs before them, they will also probably use the compromised information to directly contact the affected individuals and notify them about their personal, financial and medical information being available online to anyone who knows how to search for it.

Many ransomware gangs have previously set up data leak sites to pressure victim organizations to pay the asked-for ransom, but they were usually set up on the dark web and inaccessible by those who don't know how to use specific software.

In this latest development, the leak website leading to employee and customer information ostensibly stolen from a Oregon company in the hospitality industry is accessible via a regular browser and has been indexed by various search engines.

Affected individuals can use the search box to check whether their information has been compromised, and even download the full set of data and documents that have been stolen from the targeted company.

For employees, these can include information such as email and phone number, Social Security number, date of birth and other sensitive information contained in tax forms, results of medical tests and background checks, and so on.

News URL

https://www.helpnetsecurity.com/2022/06/15/ransomware-victim-data-internet/

#internet #ransomware