iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
SafePay ransomware gang claims second ANZ scalp with a 10-gigabyte data leak, but no personal data impacted.
The newly emerged SafePay ransomware gang has listed Auckland-based importer Triton Sourcing & Distribution on its darknet leak site, claiming to have stolen at least 10 gigabytes of data from the company.
SafePay is pretty light on details, publishing only a leak to an archive of the data and a file listing, which reveals most of the data to be .XML files.
The hackers haven’t listed a date for the hack, but a spokesperson for the company has confirmed the incident took place in October.
“We are aware of the incident – we suffered an attack in early October and communicated with our clients and staff about it at the time,” a Triton spokesperson told Cyber Daily.
“It did disrupt our operations for a few days, but we were able to recover relatively quickly and are catching up on some of our delayed orders. We’ve since been taking advice on the incident and the subsequent data leak posting.”
Much of the stolen data relates to “information contained in our Exo order system, which is the same system that was impacted by the compromise. Much of this data relates to order details and other operational processes.”
Triton has considered the nature of the data leaked and its obligations under the law and feels the leak is relatively inconsequential.
“At this stage, we haven’t identified anything that would pose a significant risk to third parties or our staff,” Triton’s spokesperson said.
“We use cloud platforms for things like HR and other business functions that involve significant personal information, and thankfully, these were not impacted as part of the compromise.”
SafePay appears to be a relatively new ransomware group and has posted a total of 24 victims to its leak site since since researchers first observed it in October. It is thought to be based in eastern Europe, based on its habit of excluding machines that use Cyrillic characters as their default language.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
