Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
SUBSCRIBE
Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
Zerosecurity
No Result
View All Result
Home Data Breaches

Blackmailing data thieves who targeted thousands of businesses apprehended

Paul Anderson by Paul Anderson
February 26, 2023
in Data Breaches
0
Blackmailing data thieves arrested by Dutch police
7
SHARES
784
VIEWS
Share on FacebookShare on Twitter

The Dutch police recently apprehended three additional suspects in what is considered one of the most significant data extortion cases to date. These suspects, aged between 18 and 21, were reportedly involved in extorting companies and selling stolen data to other criminal organizations.

You might also like

US politicians personal details compromised in hack

Acer corporate confirms breach – data being sold for Monero

State sponsored hackers were in News Corp’s servers for two years

During a two-year investigation, the police discovered that the suspects targeted thousands of businesses, including educational institutions, online shops, ticket vendors, and critical infrastructure and service providers.

The three men, along with a 25-year-old who was arrested last year, are accused of illegally accessing computer systems, stealing data, extortion and blackmail, and money laundering. The suspect who was apprehended last year was allegedly involved in a data theft incident involving Geburen Info Service GmbH (GIS), which is responsible for collecting television license fees on behalf of the Austrian government. It is believed that the dataset from that breach contains information on nearly every Austrian citizen.

Unfortunately, one of the arrested individuals was also a member of the Dutch Institute for Vulnerability Disclosure (DIVD), a group of volunteer cybercrime fighters. You may recall hearing about them in the 2021 Lock and Code episode about “The failed race to fix Kaseya VSA, with Victor Gevers.”

It is unclear whether this suspect worked there to ease his conscience or with the intention of gaining access to information he could use for illegal activities. Nevertheless, it is evident that he alternated between wearing his white and black hats. According to a DIVD statement, there is no indication that he was able to abuse his position, but his access to DIVD systems has been terminated.

As expected from criminals willing to extort businesses, they were not trustworthy. Some of the data they held for ransom was sold to other criminals even after the ransom demand was paid.

One of the group’s members operated a Telegram channel where he offered to sell personal and address information based on license plates. This allowed organized criminals to quickly find out details about a target.

This data would also be valuable for a range of other crimes, including phishing attacks, credit card fraud, or any other form of fraud where knowledge of the victim gives the criminal an advantage.

The cybercrime unit responsible for the arrests also cautioned that criminals are becoming more adept at refining this stolen data and discovering new ways to use it.

It is worth reflecting on the harm caused by a criminal enterprise like this. The damage extends beyond the companies forced to pay the ransom. There are significant costs associated with restoring compromised systems and conducting forensic investigations. There is also emotional damage to the owners of the stolen data and to those who feel responsible for allowing the breach to occur—imagine being the person who clicked on a link that initiated an attack.

In an interview, the CEO of the online ticket vendor stated that he felt intimidated by the criminals who informed him that they knew “who he was married to.” He also expressed gratitude for working with the police. By negotiating the ransom, he was able to buy some time. And with the assistance of Troy Hunt from HaveIBeenPwned, he was able to determine the extent of the stolen data and notify affected customers himself.

Stay Vigilant

The individuals whose personal information has been acquired by these malevolent actors (which encompasses the entirety of the Austrian and Dutch populace) need to remain vigilant against unexpected phone calls from scammers falsely identifying themselves as representatives from their financial institution, as well as phishing emails and other fraudulent activities.

Those who have been impacted by this data breach must take the following precautions:

  • Consult the guidance provided by the vendor. Since every data breach is unique, it is critical to consult with the vendor to ascertain the nature of the breach and comply with any specific instructions provided.
  • Change your passwords. By changing your passwords, you can render a hacked password ineffective. Choose a robust password that is not used elsewhere. It is preferable to have a password manager generate one for you.
  • Activate two-factor authentication. Whenever possible, utilize a FIDO2 two-factor authentication device. Certain types of two-factor authentication (2FA) can be as susceptible to phishing as a password. 2FA that relies on a FIDO2 device is immune to phishing.
  • Remain cautious of fake vendors. The thieves may contact you while masquerading as a vendor. Verify if the vendor is contacting victims by visiting their website, and confirm any communications via a distinct communication channel.
  • Stop and analyze. Phishing attacks frequently impersonate individuals or brands you are familiar with and employ themes that necessitate urgency, such as missed deliveries, account suspensions, and security alerts.
Tags: Data breachData theftExtortion
Share19Tweet12
Paul Anderson

Paul Anderson

Editor and chief at ZeroSecurity. Expertise includes programming, malware analysis, and penetration testing. If you would like to write for ZeroSecurity, please click "Contact us" at the top of the page.

Recommended For You

US politicians personal details compromised in hack

by Kyle
March 9, 2023
0
US politicians personal details compromised in hack

A hacker has claimed that personally identifiable information (PII) belonging to several members of the US Congress may have been compromised in a cyberattack on DC Health Link,...

Read more

Acer corporate confirms breach – data being sold for Monero

by Kyle
March 8, 2023
0
Acer corporate confirms breach – data being sold for Monero

Acer, the sixth-largest PC maker in the world, has confirmed that it suffered a data breach in mid-February 2023 that compromised its intellectual property and other sensitive data....

Read more

State sponsored hackers were in News Corp’s servers for two years

by Christi Rogalski
February 24, 2023
0
News Corp Hacked

News Corporation (News Corp), a media and publishing powerhouse, has reported that the attackers responsible for the data breach they disclosed in 2022 had accessed their systems two...

Read more

Shanghai National Police database hacked – 1 billion Chinese citizens leaked

by Paul Anderson
July 7, 2022
0
Shanghai China police database hack

A hacker going by the pseudonym "ChinaDan" has posted a thread on a popular hacking forum BreachForums, stating that they are selling Shanghai's National police database (SHGA). The...

Read more

Healthcare Provider Kaiser Permanente Suffers Data Breach Impacting 70k Patients

by Paul Anderson
June 18, 2022
0
Kaiser Permanente suffers data breach

Founded in July 1945, Kaiser Permanente is an integrated managed care consortium with its headquarters located in Oakland, California. Kaiser is arguably the largest non-profit health care and...

Read more
Next Post
ChatGPT is found spreading malware created in Python

Fake ChatGPT websites are popping up and spreading malware

Related News

BreachForums Owner Arrested and Charged

BreachForums Owner Arrested and Charged

March 17, 2023
ChipMixer platform tied to crypto laundering scheme – seized by authorities

ChipMixer platform tied to crypto laundering scheme – seized by authorities

March 17, 2023
NSA intercepting U.S. Routers

NSA intercepting U.S. Routers

June 6, 2014 - Updated on March 17, 2023
Zerosecurity

We cover the latest in Information Security & Blockchain news, as well as threat trends targeting both sectors.

Categories

  • Crypto
  • Data Breaches
  • DotNet Framework
  • Downloads
  • Exploits
  • Exploits
  • Information
  • Legal
  • Malware
  • Malware Analysis
  • Mobile Security
  • Paper Downloads
  • Piracy
  • Privacy
  • Programming
  • Public
  • Security
  • Security
  • Software & Service Reviews
  • Technology News
  • Tools
  • Tutorials
  • Video Tutorials
  • Whitepapers
  • Zero Security
  • Contact Us
  • List of our Writers

© 2022 ZeroSecurity, All Rights Reserved.

No Result
View All Result
  • Home
  • Security
  • Exploits
  • Data Breaches
  • Malware
  • Privacy
  • Mobile Security
  • Tools
  • Contact Us
  • Privacy Policy

© 2022 ZeroSecurity, All Rights Reserved.