Contents:
Following a ransomware attack back in March, sensitive employee data was compromised at CommScope, a major US telecommunications and IT infrastructure company. The Vice Society ransom gang claims to have published CommScope employee data on its dark web leak site.
The Fortune 500 communications and technology infrastructure provider is a North Carolina–based company, which designs and manufactures network infrastructure products for a range of customers, including hospitals, schools and U.S. federal agencies. Its subsidiaries include Arris, Surfboard, Ruckus, and Systimax.
During the last week of March 27, the worldwide conglomerate became aware of threat actors accessing parts of its IT infrastructure. An investigation was launched, and law enforcement was notified before it was determined that the company had been hit with ransomware.
North Carolina-based network infrastructure provider CommScope confirmed that it suffered a ransomware attack late last month and is now investigating claims of stolen information leaked on the dark web #commscope #ransomware@TheRecord_Media pic.twitter.com/Xwg5IyqYn7
— jon greig (@jgreigj) April 18, 2023
Vice Society claimed CommScope as a victim on the homepage of their dark web leak site Saturday, almost two weeks after the attack, along with over two dozen links – dated from April 14 to 15 – purportedly of the stolen employee data.
In spite of not naming Vice Society publicly, CommScope said its investigation revealed the group that carried out the attacks claimed possession of the stolen data.
We are working with our third-party experts to validate those claims and to understand the nature of the information at issue as a top priority. We are undergoing a thorough review of any impacted data with all possible speed.
Hackers allegedly gained access to the company’s network and stole backups of data related to the company’s MyCommScope customer portal and internal intranet. Some of the data was unencrypted and included CommScope customer and employee email addresses. The exact number of employees affected is unknown, but it is worth mentioning that CommScope employs more than 30,000 people worldwide.
According to CommScope, there is no evidence that customer information was compromised, and business operations were not impacted. The spokesperson added that:
Should we determine sensitive information pertaining to our customers was involved in this incident, we will notify them consistent with our obligations and applicable law.
Vice Society – A Constant Threat
Vice Society, a notorious ransomware gang linked to the Russian government, targets educational institutions and healthcare facilities worldwide, as per the FBI warning issued last year.
However, it has become obvious that Vice Society does not stop at these two sectors, as recently, the group has attacked Puerto Rico’s water supply agency, San Francisco’s Bay Area Rapid Transit, and IKEA outlets in Kuwait and Morocco.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube for more cybersecurity news and topics.