The hackers who published a trove of data stolen from U.S. network infrastructure giant CommScope claimed that they chose the company because of its connections to the military and government. The data seized includes thousands of employees’ Social Security numbers and bank account details, raising concerns about how easily hackers could exploit vulnerable individuals.
The North Carolina-based company has come under attack by the Vice Society ransomware gang, which leaked their products on the dark web in order to extort money from their victims. The company’s network infrastructure products are known for being reliable and secure, which likely makes them a target for criminals intent on taking advantage of vulnerabilities in their systems.
According to security researchers, the latest ransomware attack targeting healthcare organizations is likely the work of a syndicate of cybercriminals motivated by financial gain. The data stolen in this attack, which has not yet been decrypted, includes customer information and payment records.
A trove of leaked data from the telecommunications company CommScope includes personal data of thousands of employees, including full names, postal addresses, email addresses, personal numbers, Social Security numbers and bank account information. The files also contain scans of employee passports and visa documentation.
The hackers appeared to have gained access to the company’s network and exfiltrated backups of data pertaining to its MyCommScope customer portal and its internal intranet. Some of the data was unencrypted and included both CommScope customer and employee email addresses, potentially putting customers at risk.
There have been reports of communication disruptions at CommScope, with many employees affected. The exact number of employees that are affected is unknown, but it is estimated to be around thirty thousand people. This could affect business operations as a result of the disruption in communication. Communication remains a key component for businesses and it is essential that interference does not cause any loss in efficiency or productivity.
If it can be confirmed that ransomware caused the unauthorized access to CommScope’s IT infrastructure, this presents a major threat to businesses nationwide. Ransomware is often used by criminals to extort money from victims in exchange for release of their data and encryption keys. If CommScope had not detected the attack in time, critical data could have been rendered inaccessible or even lost altogether.
Przychodni said Vice Society’s accusations that it has published information from its network are baseless, as the company has yet to produce any evidence to back up its claims.
It seems that Facebook is taking the “third-party experts” assurance seriously. They are reportedly conducting a thorough review of any impacted data in order to understand what happened and to ensure that it does not happen again. This makes sense, as if user data is compromised, it could have serious implications for their privacy as well as their overall online safety.
Since the leak of employee data from technology company CommScope, many have asked if the company has notified affected employees. While it is unclear if CommScope has contacted any of its employees, officials say they are investigating how the data was leaked.
Przychodni said it has yet to find any evidence that customer data was accessed during the breach, but declined to say if the company has the means like server logs to determine what data was taken. However, since CommScope’s systems houses a large amount of sensitive information relating to its customers, such as billing addresses and contact information, it is likely that some damaging information was siphoned off during the attack.
While it is currently unknown how the Vice Society hackers gained access to the organization’s systems, it is possible that they exploited a vulnerability in its network. If this is true, it is likely that other organizations could also be at risk if they have not taken proper precautions to keep their systems safe.
The Vice Society is infamous for its widespread cyberattacks targeting the healthcare and education sectors. The group first made headlines in 2022 during a series of large-scale breaches that saw them steal sensitive data from various organizations, including the Los Angeles Unified School District.
Despite Vice Society’s recent focus on the manufacturing sector, ransomware will likely continue to be one of its biggest concerns. The company is credited with creating one of the earliest strains of ransomware, and it continues to produce new variants of the virus. In light of this, businesses should keep a close eye on Vice Society’s movements in order to preempt any potential attacks.
On February 20, 2019, the CommScope data breach occurred and impacted more than 164,000 customers. This attack took advantage of vulnerabilities in the company’s customer portal to pilfer customer names, email addresses, and encrypted passwords. TechCrunch has learned that Zack Whittaker is one of the employees who worked on a mitigation strategy for this breach.
