Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Steris Touted as Latest Accellion Hack Victim
#1
Data belonging to a client of recently hacked California-based private cloud solutions company Accellion is being advertised for sale online by cyber-criminals.
 
On the website Clop Leaks, ransomware gang Clop are claiming to have in their possession an unspecified amount of information belonging to the Steris Corporation. Steris is an American Ireland-registered medical equipment company specializing in sterilization and surgical products for the US healthcare system. 
 
Documents that appear to have been stolen include a confidential report about a phenolic disinfectant comparison study dating from 2018 that bears the signatures of two Steris employees— technical services manager David Shields and quality assurance analyst Jennifer Shultz.  
 
Another document appears to contain the formula for CIP neutralizer, a highly confidential trade secret owned by Steris Corporation.
 
"Clop is known to use data stolen from one organization to attack (spear phish) others," Emsisoft's Brett Callow told Infosecurity Magazine.
 
"This is why, for example, there was a cluster of cases in Germany. So any organization that has had dealings with one of the compromised entities should be on high alert."
 
Steris did not immediately respond to Infosecurity Magazine's request for comment. Accellion customers have been suffering cyber-attacks since the end of 2020.
 
Other companies that Clop claim to have stolen data from include SingtelJones Day, Inrix, ExecuPharm, Planatol, Software AG, Fugro, Nova Biomedical, Amey Plc, Allstate Peterbilt, Danaher, and the CSA Group.
 
Asked what advice he would give to companies that discover their data is being hawked online, Callow said: "It really makes no sense for companies to pay to prevent the publication of their data. There have been multiple instances in which threat actors have published or otherwise misused information after their victims have paid the ransom. 
 
"In some cases, actors have even used the same data to attempt to extort companies a second time. And this is really not at all surprising. These groups are untrustworthy bad actors and it would be a mistake to assume that they will abide by their promises."


Source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  TSMC Falls Victim to LockBit Ransomware Threat: Hackers Demand $70M mrtrout 0 1,799 06-30-2023 , 08:24 PM
Last Post: mrtrout
  11 Million Computers Fall Victim as Info-Stealer Bypasses Major Antiviruses mrtrout 0 1,260 02-14-2023 , 09:08 PM
Last Post: mrtrout
  Bandwidth.com is latest victim of DDoS attacks against VoIP providers tarekma7 0 683 10-02-2021 , 03:06 PM
Last Post: tarekma7
  New STRRAT RAT Malware Convinces People They’ve Fallen Victim to Ransomware, Researc mrtrout 0 782 05-25-2021 , 06:51 AM
Last Post: mrtrout
  Flagstar Bank customer data breached through Accellion hack Bjyda 0 1,042 03-08-2021 , 11:11 PM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)