Exclusive: New Zealand importer Triton Sourcing & Distribution confirms ransomware attack

Exclusive: New Zealand importer Triton Sourcing & Distribution confirms ransomware attack

Exclusive: New Zealand importer Triton Sourcing & Distribution confirms ransomware attack

SafePay ransomware gang claims second ANZ scalp with 10GB data leak, but no personal data was affected.

New ransomware gang SafePay has listed Auckland-based importer Triton Sourcing & Distribution on its darknet leak site, claiming to have stolen at least 10 gigabytes of data from the company.

SafePay is fairly light on detail, only publishing a leaked data archive and file list, which reveals that most of the data is .XML files.

The hackers did not provide a date for the hack, but a company spokesperson confirmed that the incident took place in October.

“We are aware of the incident – ​​we suffered an attack in early October and we spoke to our customers and staff about it at that time,” a Triton spokesperson told Cyber Daily.

“This disrupted our operations for a few days, but we were able to recover relatively quickly and catch up on some of our backlogged orders. We have since taken advice on the incident and the subsequent data breach.

Much of the stolen data concerns “information contained in our Exo command system, which is the same system that was impacted by the compromise.” Much of this data concerns order details and other operational processes.

Triton has reviewed the nature of the data disclosed and its obligations under the law and believes that the leak is relatively inconsequential.

“At this stage, we have not identified anything that could pose a significant risk to third parties or our staff,” the Triton spokesperson said.

“We use cloud platforms for tasks such as human resources and other business functions that involve important personal information, and fortunately this was not affected as part of the compromise. »

SafePay appears to be a relatively new ransomware group and has recorded a total of 24 victims on its leak site since researchers first observed it in October. It is believed to be based in Eastern Europe, due to its habit of excluding machines that use Cyrillic characters as their default language.

Here's proof you can train an AI model without abusing copyrighted content

Here’s proof you can train an AI model without abusing copyrighted content

Glassdoor wants to know your real name

Glassdoor wants to know your real name

Leave a Reply

Your email address will not be published. Required fields are marked *