- Joined
- Jun 13, 2020
- Messages
- 7,907
- Reaction score
- 942
- Points
- 212
- Awards
- 2
The company expects the hackers to demand a ransom. SoftServe continues to investigate.
Hackers published projects of clients, and probably personal data of employees of one of the largest Ukrainian IT companies SoftServe.
On September 2, it became known that SoftServe (number 2 in the latest DOU.UA rating) was subjected to a hacker attack. A number of the company's services stopped working, according to AIN.UA. The cybercriminals launched a ransomware virus into the system. As a result, a number of SoftServe services stopped working, and the company turned off some more in order to stop the spread of the virus. Some channels spread a message, apparently from the company's management (originally it was sent out in English).
And although the company said that the customer data was not affected, the very next day the project repositories appeared on the network, which SoftServe, apparently, was developing for its customers.
On September 16, in addition to customer data, hackers also published personal data of about 200 people - probably SoftServe employees. The company said that this is not a new leak, but data stolen last time.
This is reported by the Telegram channel DC8044 F33d with reference to the Russian hacker under the nickname Freedom F0x.
The leaked archive contains scans of passports of Ukrainians and citizens of other countries of Eastern Europe. It is not yet known whether these are actually SoftServe employees. Only the name of the archive hints at this.
As for client development, among the repositories leaked on September 16: banking applications, parts of the CRM system code, as well as developments for the Cylance antivirus. That's not all, according to the hacker cited by @ DC8044 F33d: more data leaked as part of the attack than has been posted to date.
The company expects the hackers to demand a ransom. SoftServe continues to investigate.
“There was an attack on September 1st. The data that was published today, September 16, is a consequence of the same incident. That is, there was no new data leak. This is a common tactic in such cases, the purpose of which is to intimidate in order to demand a ransom, the company said.
As noted earlier, SoftServe systems localized the attack and our security team took immediate action to restore the system.
In this and any other situation, the safety of our customers and employees remains our priority. A third party is now conducting a comprehensive independent investigation into the incident. ”
Hackers published projects of clients, and probably personal data of employees of one of the largest Ukrainian IT companies SoftServe.
On September 2, it became known that SoftServe (number 2 in the latest DOU.UA rating) was subjected to a hacker attack. A number of the company's services stopped working, according to AIN.UA. The cybercriminals launched a ransomware virus into the system. As a result, a number of SoftServe services stopped working, and the company turned off some more in order to stop the spread of the virus. Some channels spread a message, apparently from the company's management (originally it was sent out in English).
And although the company said that the customer data was not affected, the very next day the project repositories appeared on the network, which SoftServe, apparently, was developing for its customers.
On September 16, in addition to customer data, hackers also published personal data of about 200 people - probably SoftServe employees. The company said that this is not a new leak, but data stolen last time.
This is reported by the Telegram channel DC8044 F33d with reference to the Russian hacker under the nickname Freedom F0x.
The leaked archive contains scans of passports of Ukrainians and citizens of other countries of Eastern Europe. It is not yet known whether these are actually SoftServe employees. Only the name of the archive hints at this.
As for client development, among the repositories leaked on September 16: banking applications, parts of the CRM system code, as well as developments for the Cylance antivirus. That's not all, according to the hacker cited by @ DC8044 F33d: more data leaked as part of the attack than has been posted to date.
The company expects the hackers to demand a ransom. SoftServe continues to investigate.
“There was an attack on September 1st. The data that was published today, September 16, is a consequence of the same incident. That is, there was no new data leak. This is a common tactic in such cases, the purpose of which is to intimidate in order to demand a ransom, the company said.
As noted earlier, SoftServe systems localized the attack and our security team took immediate action to restore the system.
In this and any other situation, the safety of our customers and employees remains our priority. A third party is now conducting a comprehensive independent investigation into the incident. ”