Oracle, Airbus, Toshiba, and Volkswagen financial data leaked following cyberattack

News by Robert Abel

Criminals stole data from third-party servers.

Threat actors stole financial data from a company that provides internet infrastructure for dozens of the world’s largest companies including Oracle, Airbus, Toshiba, and Volkswagen.

The cybercriminals stole data from Germany-based CITYCOMP, which provides servers, storage and other computer equipment to other enterprise-level organisations and subsequently blackmailed the firm and threatened to publish the stolen information if the demands weren’t met.

"CITYCOMP Service GmbH was the victim of a targeted cyberattack in early April 2019," in what a Citycomp spokesperson described to SC Media as a "blackmail" attack. "As a result of the companies' failure to comply with the threat actor, "the stolen data has now been published by the perpetrators and CITYCOMP’s customers were informed about it."

Those who were affected have been notified and CITYCOMP is working with State Criminal Police Office of Baden-Württemberg to mitigate the attack and improve security measures.

"Since 2016, we’ve been so focused on ransomware that a lot of people have forgotten that old-school data theft for ransom is still a serious risk,"

Marc Laliberte, Sr. Security Analyst at WatchGuard Technologies told SC Media."The damages from this type of attack are compounded in Europe specifically because of steep GDRP violation penalties for mishandling customer data."

Laliberte added that privacy is a growing concern for users across the world and said the potential reputation hit from losing gigabytes of private information in this day and age is massive."

"The data breach at CITYCOMP underscores that data theft for ransom isn’t dead and won’t be anytime soon," Dan Tuchler, CMO at SecurityFirst told SC Media. "Although in most other regions outside of Latin America the focus is instead on ransomware as an attack, and theft of data is typically associated with identity theft or credit card fraud, mayhem and good old extortion are real-world threats."

Tuchler went on to say it’s difficult to protect data, especially with the complicated network of interactions between companies and their many suppliers.

Warren Poschman, senior solutions architect at comforte AG, told SC Media Uk that the data breach at CITYCOMP underscores that data theft for ransom isn’t dead and won’t be anytime soon.

"Although in most other regions outside of Latin America the focus is instead on ransomware as an attack and theft of data is typically associated with identity theft or credit card fraud, mayhem and good old extortion are real-world threats," he said.

"Organisations looking to ensure that their data is protected regardless of its location or possession should look to adopt a data-centric security model which ensures that no matter where the data is stored, moved, used or even lost, it is protected and secure – something that could have likely made the CITYCOMP breach a non-event. The right security strategy should protect from both the expected and unexpected!"

The original version of this article was first published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike