Ever since 2019, there has been a series of cyberattacks on different companies all over the world by a ransomware gang called the “NetWalker” group. Over the course of the entire year, they successfully attacked over 100 businesses, stole their data and uploaded it on to the dark web. The data includes every single piece of information the companies had access to.
Which company was attacked and what was leaked?
The latest victim to this group is “NameSouth”, a US based autoparts company. The data leak in total was about 3 GBs in file size, but the files included tonnes of sensitive information.
The leak had scanned copies of documents that included tax identification numbers, easily readable
All of the personal information of at least 12 of their employees (names, addresses, phone numbers and even their exact working hours)
- Names and addresses of their customers
- Credit Card statements for the past decade
- Almost all of their recent financial and accounting data.
Who had access to the data?
NetWalker usually uploads data to the dark web for free. They wait until they have gotten a specific number of downloads to start charging for access but so far, the data remains free on their website. This could mean that the data hasn’t really been accessed or downloaded by a lot of people yet, or, they just haven’t put a price on it. Either way, since it’s on the internet, there’s no telling how far the leaked information may travel.
It is possible that by now, the information has been accessed by at least a few cybercriminals and it’s only a matter of time before the information is used maliciously.
What is the impact of the leak?
Even though the entire file size of the leak itself was only around 3 GBs, the information that was leaked was vital and may have long lasting damage.
The company as a whole has suffered damage in terms of a damaged reputation because they couldn’t keep their data safe.
The customers that have had their data leaked could find themselves in a situation where someone else steals their identity and misuses it, leaving them to deal with the consequences.
The 12 employees have had sensitive information leaked not just about their personal lives, but also about their work life. Having details like their exact working hours be out there in the public can make it dangerous for them to travel to and from work at those exact hours.
The leaked credit card information can make it very easy for a cybercriminal to use the company’s name and commit fraud. They can do anything from applying business loans to claiming government relief loans, both of which could be fatal for the business considering the world is still shut down because of the ongoing pandemic.
Next Steps
If an organisation can face such massive consequences from a data leak that’s only 3 GBs in file size, there’s no telling what would happen if the leak was larger. It’s important that companies are equipped to fight off a cyberattack if it were to happen to them.
They can up their chances of winning against the attacker by installing an intelligent threat detection system so their IT team would be alerted if there’s any suspicious activity or they can use a salted secure encryption algorithm which encrypts all of their information and make it unreadable even if it does get leaked for anyone that doesn’t have the encryption key.