summary
Telefonica has confirmed a data breach related to its internal Jira ticketing system, with stolen data leaked online. Hackers used compromised employee credentials to access and collect 2.3 GB of internal data. This breach is related to Hellcat Ransomware and is also related to the Schneider Electric cyber attack. No attempt at extortion was made. Data was leaked without contacting Telefonica. The attack highlights the growing cyber threat to global telecommunications companies.
Spanish multinational telecommunications company Telefonica has confirmed a data breach in its internal ticketing system. This confirmation came after the stolen data was posted on the cybercrime and hacking forum Breach Forum.
Screenshot from Breach Forums (Credit: Hackread.com)
Telefonica is Spain’s largest telecommunications company, operating in 12 countries and employing more than 104,000 people. Telefonica cyber attack. The company confirmed that its ticketing system had been compromised and that it is currently investigating the scope of the incident and taking steps to prevent further unauthorized access. The leak on the hacking forum involved the Telefonica Jira database.
Four individuals using the aliases DNA, Grep, Pryx, and Rey claimed responsibility for the breach. According to Pryx, one of the attackers, the “internal ticketing system” is an internal Jira development and ticketing server that Telefonica uses to report and resolve internal issues.
Sources said employee credentials that were leaked the previous day were used to breach the system. Telefonica responded by blocking access and resetting passwords for affected accounts. The attackers say they were able to collect approximately 2.3 GB of documents, tickets, and various data using compromised employee accounts. Some of this data was labeled as a customer, but the ticket was opened with an @telefonica.com email address, indicating it may have been opened on behalf of the customer .
Screenshot of leaked data (Credit: Hackread.com)
Pryx claims it did not contact Telefonica or attempt to blackmail it before leaking the data online. The three individuals behind the attack, Grep, Pryx, and Rey, are also part of a recently launched ransomware operation known as Hellcat Ransomware. Hellcat is responsible for a recent data breach at Schneider Electric. In this incident, 40 GB of data was stolen from the company’s JIRA server.
This Telefonica cyberattack reportedly involved Fortinet, a critical component of the company’s network infrastructure. While the scope of the data breach and the nature of the compromised data remain undisclosed, concerns have been raised about the potential impact. Despite this claim, Telefonica’s official website is still functional, raising questions about the authenticity of the alleged cyber attack.
However, this is not the first time Telefonica has suffered a data breach. In July 2018, millions of Telefonica customers suffered a security breach that exposed their data. Nevertheless, as the telecommunications industry faces cyber threats, companies must maintain cooperation to establish appropriate cybersecurity measures for critical infrastructure.
Related topics
Telecommunications giant BT Group hit by Black Basta ransomware 8220 attack; global cryptojacking attack targets news agencies; hacker infiltrates TPG news agency’s email host and steals customer data; US news agency breaches expand , 9 companies attacked by Chinese hackers New Linux RAT Krasue linked to XorDdos targets telecom companies
Source link
