Major Spanish multinational telecommunications company Telefónica had its internal ticketing system compromised by Hellcat ransomware members through information-stealing malware and social engineering tactics, SecurityWeek reports.Infiltration of Telefónica's Jira platform through infostealer theft of credentials belonging to over a dozen of the firm's employees was followed by the targeting of employees with admin privileges and the eventual exfiltration of a list with 24,000 Telefónica employee names and emails, 5,000 internal files, and half a million internal Jira issue summaries, according to an analysis from Hudson Rock, which cited correspondences with the attackers. Other corporate credentials, including those for Office 365, Fortinet, Salesforce, and other third-party systems, have also been exposed by the infostealer compromise of over 500 Telefónica employee computers last year. "These infections provide hackers with the necessary credentials to infiltrate systems and, as demonstrated in this case, can be leveraged to expand access further through sophisticated social engineering tactics. Infostealers serve as a stepping stone for more advanced attacks, making them a significant concern for organizations worldwide," said Hudson Rock.
Breach, Ransomware, Phishing, Data Security
Telefónica breached via infostealer, social engineering
(Adobe Stock)
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds