A hacker is threatening to leak 106GB of information allegedly stolen from Spanish telecommunications firm Telefónica in a breach that the corporate didn’t acknowledge.
The menace actor has leaked a 2.6GB archive that unpacks into 5 gigabytes of information with a bit over 20,000 information to show that the breach occurred.
Partial leak with knowledge allegedly stolen from Telefónica
The breach allegedly occurred on Might 30 and the hacker claims that they had 12 hours of uninterrupted knowledge exfiltration earlier than defenders revoked entry.
The hacker claiming duty for the assault is called “Rey” and is a member of the Hellcat Ransomware group – liable for one other breach at Telefónica in January via an inner Jira improvement and ticketing server.
Rey instructed BleepingComputer that they exfiltrated 385,311 information totaling 106.3GB of inner communications (e.g. tickets, emails), buy orders, inner logs, buyer information, and worker knowledge.
Additionally they stated that the Might 30 breach was potential due to a Jira misconfiguration after the corporate handled the earlier compromise.
BleepingComputer tried on a number of events since June third to achieve out to Telefónica over electronic mail. We additionally contacted a number of C-suite staff however obtained no acknowledgment of the Might 30 breach.
The one response we obtained got here from a Telefónica O2 worker, who dismissed the alleged incident as an extortion try utilizing outdated data from a beforehand recognized incident.
Telefónica O2 is the Spanish firm’s model for its telecommunications companies within the U.Ok. and Germany.
Rey shared with BleepingComputer a pattern and file tree of the info allegedly stolen from Telefónica on Might 30. A number of the information included invoices to enterprise shoppers in a number of international locations, together with Hungary, Germany, Spain, Chile, and Peru.
Within the information we obtained there have been electronic mail addresses for workers in Spain, Germany, Peru, Argentina, and Chile, and invoices for enterprise companions or clients in European international locations.
The latest file we might discover in all the information Rey shared was from 2021, although, which appears to verify what the corporate consultant instructed us.
Nonetheless, the hacker is adamant concerning the knowledge coming from a brand new breach from Might 30. To show their level, they began leaking part of the allegedly stolen information.
“Since Telefonica has been denying a latest 106 GB breach containing knowledge from its inner infrastructure, I’m releasing 5 GB right here as proof. Quickly, I’ll publish the total file tree, and over the following few weeks, if Telefonica doesn’t comply, the whole archive will likely be launched. ;)” – Rey stated.
Menace actor broadcasts Telefónica leak of 106GB
The info was initially distributed utilizing the PixelDrain storage and knowledge switch companies nevertheless it was eliminated after just a few hours for authorized causes.
The menace actor later distributed one other obtain hyperlink from Kotizada, a service then turned to a different service, Kotizada, which Google Chrome flags as a harmful web site and strongly recommends customers to keep away from it.
Till Telefónica supplies an official assertion, it’s unclear if it is a new breach consisting of previous knowledge. Nonetheless, from BleepingComputer’s findings, a few of the electronic mail addresses within the leak belong to energetic staff.
The HellCat hacking group just isn’t new on the scene and they’re sometimes centered on concentrating on Jira servers. They’re liable for a number of assaults at high-profile corporations.
They claimed compromises at Swiss international options supplier Ascom, Jaguar Land Rover, Affinitiv Schneider Electrical, and Orange Group.
Whereas cloud assaults could also be rising extra refined, attackers nonetheless succeed with surprisingly easy methods.
Drawing from Wiz’s detections throughout hundreds of organizations, this report reveals 8 key methods utilized by cloud-fluent menace actors.
