A gaggle of ransomware hackers has reportedly stolen delicate info from a significan
A gaggle of ransomware hackers has reportedly stolen delicate info from a significant Costa Rican state-owned financial institution, Banco BCR.
A gaggle of hackers dubbed Maze claims to have compromised the infrastructure of Banco BCR, a Costa Rican state-owned financial institution, and is now threatening to leak hundreds of thousands of bank card numbers.
On April 30, Maze claimed that it has scoped out the financial institution in August 2019:
“In keeping with Monetary Establishments Protocol this financial institution needed to notify different establishments in regards to the safety breach case. However nothing was made. Servers and workstations weren’t blocked. Non-public knowledge was not secured. Anyway the Financial institution determined to hide details about the breach. Although the safety personnel have been capable of analyze the assault logs and to see that the attackers have accessed the fee processing system. We’ve stopped the assault because the attainable harm was too excessive.”
Maze states that subsequently, in February 2020, they checked the methods and noticed that nothing was performed to repair the cybersecurity vulnerabilities. The hackers declare that due to this, they determined to steal the info from the financial institution, together with transaction info and bank card knowledge:
“We’ve received over 11 milion bank card credentials. Over four hundreds of thousands of these bank cards are distinctive. [Of those cards,] 140,000 belong to US residents.”
The ransomware group introduced on Could 5 that it was going to leak the knowledge with out concealing card numbers. Whereas on this explicit occasion there isn’t a knowledge on the quantity of Bitcoin (BTC) requested by the hackers, the group has ransomed knowledge up to now.
Don’t take ransomware group’s claims too significantly
Brett Callow, cybersecurity risk analyst at Emsisoft beforehand instructed Cointelegraph that hacker’s claims needs to be seen suspiciously:
“Claims made by ransomware teams needs to be taken with a grain of salt. […] The main points that the criminals select to launch will probably be cherry-picked and solely info that they wish to be within the public area — most likely as a result of they consider it can assist their trigger ultimately. […] The press ought to keep away from portraying ransomware teams as being in any manner Robin Hood-like or repeating claims that help them.”
As of press time, Banco BCR has not answered Cointelegraph’s request for remark.
Ransomware exercise continues amid the pandemic
As Cointelegraph reported in late April, a latest report confirmed a significant drop within the variety of ransomware assaults carried out throughout the pandemic on america public sector. Nonetheless, that is unlikely to be linked to the cybercriminals’ willingness to keep away from damaging the general public sector amid the misery already brought on by the coronavirus.
Actually, on the finish of April, hackers reportedly compromised the biggest well being heart in Pueblo County, Colorado with cryptocurrency ransomware. Whereas the hospital’s official statements declare that it gained’t have an effect on affected person care, employees allegedly stated that the paper-based record-keeping strategies to which they’ve resorted are cumbersome and will negatively affect providers.