Hackers publish stolen CommScope data following ransomware attack

A treasure trove of sensitive information was leaked

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Data stolen from US network infrastructure powerhouse CommScope has been leaked on the dark web following an allegedransomwareattack.

Ransomware operators known as Vice Society published a “treasure trove” of personally identifiable data on CommScope’s customers and employees, including full names, postal addresses, email addresses, personal numbers, Social Security numbers, bank account information, as well as scans of employee passports and visa documentation.

To obtain this data, the threat actors needed “deep access” to the company’s network, which they seem to have got by accessing both the MyCommScope customer portal and the company’s intranet.

Missing crucial details

Other important details, such as how hackers made it into the network, if anymalwarewas used, how long they were there, how many people are affected, or how high of a ransom is being demanded, are not known. CommScope’s spokesperson gave the usual statement prepared in advance, but declined to comment further.

On March 27, the company discovered “unauthorized access to a portion of our IT infrastructure that we determined was the result of a ransomware incident,” said CommScope spokesperson Cheryl Przychodni.

Western Digital customers urged to update to latest version of My Cloud OS>Acer confirms huge breach after 160GB of data leaked on dark web>Here are the best endpoint security products

“Upon discovery, we immediately launched a forensic investigation with the assistance of a leading cybersecurity firm and reported the matter to law enforcement,” Przychodni added. “We are working with our third-party experts to validate those claims and to understand the nature of the information at issue as a top priority,” she said. “We are undergoing a thorough review of any impacted data with all possible speed.”

The spokesperson also said that the initial investigation did not find any evidence of customer information theft, but did not say if the company has the ability to determine what data was taken from its systems.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

CommScope counts more than 30,000 employees, and while it’s highly unlikely that all of them are affected by this incident, until the company comes forward with a more concrete number, it’s impossible to determine the true scope of the breach.

Via:TechCrunch

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Anker Nebula Mars 3 review: A powerful and truly portable projector