Security News > 2023 > April > Fake ransomware gang targets U.S. orgs with empty data leak threats
Fake extortionists are piggybacking on data breaches and ransomware incidents, threatening U.S. companies with publishing or selling allegedly stolen data unless they get paid.
They have also impersonated some ransomware and data extortion gangs in emails and claimed to be the authors of the intrusion, stealing hundreds of gigabytes of important data.
BleepingComputer found another email from Midnight Group, professing that they were the authors of the data breach and that they stole 600GB of "Essential data" from the servers.
Arete says that at least 15 of their current and previous clients received fake threats from the Midnight Group, which supported their data theft claims with vague details.
Ransomware actors often sell the data they steal from victims even when they get paid.
If Midnight Group has access to the markets and forums where this data is traded or sold they could learn about ransomware victims that have yet to disclose the cyberattack.
News URL
Related news
- Qilin Ransomware Ranked Highest in April 2025 with 72 Data Leak Disclosures (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)
- Royal Mail investigates data leak claims, no impact on operations (source)
- Everest ransomware's dark web leak site defaced, now offline (source)
- Western Sydney University discloses security breaches, data leak (source)
- Interlock ransomware claims DaVita attack, leaks stolen data (source)
- Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks (source)
- New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy (source)