A bunch of hackers dubbed Maze claims to have compromised the infrastructure of Banco BCR, a Costa Rican state-owned financial institution, and is now threatening to leak hundreds of thousands of bank card numbers.
On April 30, Maze claimed that it has scoped out the financial institution in August 2019:
“In keeping with Monetary Establishments Protocol this financial institution needed to notify different establishments in regards to the safety breach case. However nothing was made. Servers and workstations weren’t blocked. Personal knowledge was not secured. Anyway the Financial institution determined to hide details about the breach. Although the safety personnel have been in a position to analyze the assault logs and to see that the attackers have accessed the cost processing system. We have now stopped the assault because the potential harm was too excessive.”
Maze states that subsequently, in February 2020, they checked the methods and noticed that nothing was executed to repair the cybersecurity vulnerabilities. The hackers declare that due to this, they determined to steal the information from the financial institution, together with transaction info and bank card knowledge:
“We have now received over 11 milion bank card credentials. Over four hundreds of thousands of these bank cards are distinctive. [Of those cards,] 140,000 belong to US residents.”
The ransomware group introduced on Could 5 that it was going to leak the data with out concealing card numbers. Whereas on this specific occasion there isn’t any knowledge on the quantity of Bitcoin (BTC) requested by the hackers, the group has ransomed knowledge prior to now.
Don’t take ransomware group’s claims too significantly
Brett Callow, cybersecurity risk analyst at Emsisoft beforehand informed Cointelegraph that hacker’s claims must be considered suspiciously:
“Claims made by ransomware teams must be taken with a grain of salt. […] The small print that the criminals select to launch will probably be cherry-picked and solely info that they need to be within the public area — in all probability as a result of they imagine it can assist their trigger not directly. […] The press ought to keep away from portraying ransomware teams as being in any approach Robin Hood-like or repeating claims that help them.”
As of press time, Banco BCR has not answered Cointelegraph’s request for remark.
Ransomware exercise continues amid the pandemic
As Cointelegraph reported in late April, a latest report confirmed a significant drop within the variety of ransomware assaults carried out through the pandemic on america public sector. Nonetheless, that is unlikely to be linked to the cybercriminals’ willingness to keep away from damaging the general public sector amid the misery already attributable to the coronavirus.
In truth, on the finish of April, hackers reportedly compromised the most important well being heart in Pueblo County, Colorado with cryptocurrency ransomware. Whereas the hospital’s official statements declare that it received’t have an effect on affected person care, employees allegedly stated that the paper-based record-keeping strategies to which they’ve resorted are cumbersome and will negatively affect companies.
Credit score: Source link