Infiltration of the Toyota branch has enabled the exfiltration not only of data from customers and employees but also financial information, contracts, emails, and network infrastructure details, which have been obtained through the ADRecon tool, claimed ZeroSevenGroup.
Investigation into the incident revealed that G-Suite account infiltration was accompanied by discrepancies in corporate accounts, especially among accounting department employees and contractors, and potential access to corporate managers' accounts and email messages, as well as possible identity forgery of a former contractor.
Such records — which were initially leaked by USDoD in April — may have included individuals' names, Social Security numbers, phone numbers, email addresses, and mailing addresses that were potentially compromised in a network breach in late December, said NPD in a statement on its website.
Most of the settlement will be given to New York, which had almost 1.5 million residents affected by the incident, which was found by the state's Office of the Attorney General to have stemmed from the compromise of two Enzo employee credentials that have been unchanged in a decade.
Purportedly exclusive data stolen from The Washington Times is being sold by Rhysida for more than $304,000 worth of Bitcoin as part of an online auction that will open in a week.
Included in the leaked data dump, which was 44 GB compressed and 500 GB uncompressed, were emails, mobile numbers, and QQ IDs in JSON format, which may have been processed in May 2023.
While only city employees were reported by officials to have been affected by the incident, Goodwolf noted that information exfiltrated and exposed by Rhysida included those of city hall visitors, sexual assault and domestic violence victims, and youths who were crime suspects or victims, as well as names belonging to police officers who have been subpoenaed.
Despite not specifying the malware leveraged to compromise its IT network, Schlatter revealed in a statement that it has been blackmailed by its attackers, who are believed to be demanding monetary payment in exchange for a decryption tool and the non-exposure of stolen data.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
