Sneaked Twice, but haven’t encrypted the network
Maze ransomware is so infamous for its hits against reputed organizations. It has previously attached Southwire, Cognizant, etc. While it intends to steal data and encrypt the network before asking for a ransom, it’s slightly different now. In the case of Banco de Costa Rica (BCR), it decided not to encrypt, but just steal and ask for ransom.
Banco de Costa Rica (BCR) is a state-owned bank of Costa Rica. And it has millions of accounts from various nations. It’s now said to be breached by Maze ransomware authors, who’ve posted a part of their stolen data on their leak site. BleepingComputer reported that Maze ransomware claims to have targeted Banco de Costa Rica (BCR) initially in August 2019, but did not steal or encrypt the network. After this, they again sneaked into the network in February this year, and still found the system isn’t encrypted yet. Thus, they had stolen the data but even didn’t encrypt the web, citing the reason as it “was at least incorrect during the world pandemic.” And those stolen records consists of years of bank data and over 11 million records of credit card data. This includes the over 4 million unique card data and at least 140,000 records belonging to US citizens. To prove this, the ransomware authors have posted a snippet of the stolen data, which contained 240 records of credit card data. It has the card numbers (with four digits removed), expiration data, and CVV codes. The bank hasn’t made any official comments yet. Until then, it’s suggested to those who’re having bank accounts with BCR to call the bank and know their status of compromise and check their card activity. Via: BleepingComputer