Home » Hive Ransomware Group Leaks Data From European Retailer

Hive Ransomware Group Leaks Data From European Retailer

0 comment

Fraud Management & Cybercrime
,
Ransomware

Black Friday Attack Affected Intersport Outlets in Northern France(asokan_akshaya) o
December 8, 2022

The Hive ransomware-as-a-service group says it posted customer data obtained during a November attack against French sports retailer Intersport.

See Also: Finding a Password Management Solution for Your Enterprise

The notorious ransomware-as-a-service group posted a tranche of Intersport data to its dark web leak site on Monday and threatened to leak more unless the retailer pays extortion money.

The hack allegedly included passport details of Intersport staff from stores in Northern France, their pay slips, a list of former and current employees from other stores, as well as social security numbers, French publication Le Monde reported.

La Voix Du Nord reported the hack occurred during the Black Friday sales and prevented staff from accessing the cash registers. The incident also forced the stores to manually restock stores.

The Swiss company has 5,800 outlets across the world, 780 of which are located in France. The company did not immediately respond to a request for comment.

Hive has hit more than 1,300 companies worldwide, collecting about $100 million in ransom payments, the U.S. federal government said in late November.

The group uses a variety of methods to gain access, depending on the affiliate executing the ransomware attack. In some cases, affiliates have taken advantage of a lack of multifactor authentication to access remote desk protocol, VPNs or other remote network connection protocols. In others, it has bypassed multifactor authentication to gain access to FortiOS servers by exploitingCVE-2020-12812, a now-patched improper authentication vulnerability in Fortinet’s operating system.

Other affiliates have used phishing emails containing malicious attachments that take advantage of vulnerabilities in Microosft Exchange servers. Specifically, CVE-2021-31207, CVE-2021-34473 and CVE-2021-34523.

You may also like

Leave a Comment

CyberNonStop

Cybernonstop is created to bring news and knowledge through articles to visitors.

Do not forget to subscribe.

Laest News

@2021 – All Right Reserved. Designed and Developed by PenciDesign