Maze ransomware operator threatened to publically expose all the data if their monetary demands are not met. However, the operators made an exception in the City of Pensacola by not sharing their data.
The attackers posted 2 GB of data from the government’s databases while claiming that this is just 10% of what they stole from the city’s servers. However, the files have been removed, and only the directory data, computer names and the IP addresses are now visible as an act of compromise, Ars Technica reported.
While the City of Pensacola, Florida, was spared, others were not so lucky. All the data of Fratelli Beretta, an Italian food company — a total of 3GB — was exposed online. The attackers even revealed the screenshots of affected systems and the data from the fax server, which includes patient data of Stockdale Radiology, a clinic in California.
According to the report, Maze has posted smaller dumps of data for about 25 other companies, including Busch’s Inc, BST & Co., Lakeland Community College, Massey Services, MDLab among others. These companies range from being a grocery chain store to accountancy firms.
It is surprising to note that none of the companies reported the breach to the authorities or even communicated to their employees. “The lack of disclosure obviously means that customers/clients/vendors/partners do not know that their data is now in the hands of cybercriminals and can be downloaded by anybody with an Internet connection”, threat analyst Brett Callow told Ars Technica.Â
Earlier, the same tactics were used by REvil/Sodinokibi ransomware where the attackers hacked the data of a private data of Travelex, a financial service provider company, and demanded a ransom of $6 million.
In the news: Avast is terminating Jumphot’s data collection following privacy concerns