A hacker is threatening to leak 106GB data, which was reportedly stolen from the Spanish telecom company telephonica, which the company did not accept.
The danger actor has leaked 2.6GB collections that unpacks five gigabytes of data with more than 20,000 files to be breeted.
Breach was reportedly taken on 30 May and the hacker claims that they had 12 hours of uninterrupted data exflants, canceled access by defenders.
Hackers claiming responsibility for the attack are known as “Ray” and it is a member of the Issert ransomware group – an internal cumin is responsible for another violation in telephonica in January through development and ticketing server.
Ray told Bleepingcomputer that he terminated a total of 385,311 files of 106.3GB internal communication (eg tickets, emails), purchase orders, internal logs, customer records and employee data.
He also said that after the company was dealt with the previous agreement, it was possible on May 30 due to a little misunderstanding.
Bleepingcomputer tried to reach the telephonica on emails on several occasions since June 3. We also contacted several C-suits employees, but no acknowledgment of violation of May 30.
The only response we received came from a telephone O2 employee, who dismissed the alleged incident as an attempt to be forcibly recovered using chronic information from the already known incident.
Telefónica O2 is a Spanish company brand for its telecom businesses in the UK and Germany.
Ray shared with Bleepingcomputer, with a sample and file tree of data allegedly stolen from telephonica on 30 May. Some files included invoices for business customers in many countries including Hungary, Germany, Spain, Chile and Peru.
The files we found had email addresses for employees in Spain, Germany, Peru, Argentina and Chile, and were invoiced for business partners or customers in European countries.
The most recent file that we can find in all information, which Ray shared, however, since 2021, confirms what the company’s representative told us.
However, the hacker is adamant about data coming from a new violation from May 30. To prove his point, he began leaking a part of the alleged stolen files.
“Since telephonica is denying the recent 106 GB breech with its internal infrastructure data, I am releasing 5 GB here as evidence. Soon, I will publish the full file tree, and in the next few weeks, if the telephonica does not follow, the complete collection will be released;” – Ray.
The data was initially distributed using pixeldrain storage and data transfer services, but was removed after a few hours for legal reasons.
The actor later distributed another download link from Kotizada, one service then turned into another service, Kotizada, which Google Chrome gives flags as a dangerous site and firmly recommends users to avoid it.
As long as Telefónica provides an official statement, it is not clear that it is a new violation that contains old data. However, from the conclusions of the bleepingcomputer, some email addresses in the leaks are of active employees.
The hackat hacking group is not new to the scene and they usually focus on targeting cumin servers. They are responsible for several attacks in high-profile companies.
He claimed that the Swiss Global Solutions provider AScom, Jaguar Land Rover, Effinitive Schneider Electric and Orange Group were tied up.
While cloud attacks can be more sophisticated, the attackers still succeed with surprisingly simple techniques.
Drawing by the detection of Vij in thousands of organizations, this report reveals the 8 major techniques used by Claude-Floid danger actors.
