2 min read

Cybercriminals Leak ExecuPharm Internal Documents After Ransomware Attack

Alina BÎZGĂ

April 28, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Cybercriminals Leak ExecuPharm Internal Documents After Ransomware Attack

A successful ransomware attack was deployed on March 13 against ExecuPharm, a subsidiary of the U.S. Biopharmaceutical giant Parexel, according to a recent announcement made by the company.

Unlike typical ransomware attacks, where bad actors encrypt data and demand payment in exchange for the decryption keys, the perps have also started leaking confidential information found on ExecuPharm”s network.
Discovered to be the handiwork of the CLOP ransomware group, the attack was initiated through phishing emails sent out to ExecuPharm employees.

Data breaches appear to be common events these days. Find out more about how you can regain control of your personal information with Bitdefender”s Digital Identity Protection

In the letter sent to the Office of The Vermont Attorney General, the company explains that, “a data security incident that compromised select corporate and personal information” happened after “unknown individual encrypted ExecuPharm servers and sought a ransom in exchange for decryption.”

The organization also mentioned that bad actors could “have accessed and/or shared select personal information relating to ExecuPharm personnel, as well as information relating to select personnel of Parexel, whose information was stored on ExecuPharms”s data Network”.

The company also believes that confidential employee files were accessed during the attack, and does not rule out a potential leak of sensitive personal information, including:


• Beneficiary information including Social security numbers
• Taxpayer ID/EIN
• Driver”s License numbers
• Passport numbers
• Bank account numbers
• Credit card numbers
• National Insurance numbers
• National ID numbers
• IBAN/SWIFT numbers

With such varied personal information, the bad actors hit a gold mine. Leaked financial information along with ID information can be used to impersonate victims and ultimately commit fraud.

Were you a victim of a data breach? Time to find out: https://www.bitdefender.com/solutions/digital-identity-protection.html.

As a result, the company has notified local authorities and the FBI, and contracted cybersecurity experts to investigate the incident. ExecuPharm said it has restored its servers and upgraded its network security to prevent further attacks.

While most companies are known to pay ransom to retrieve their precious data, relying solely on backup systems does not fill in the security gaps.

Investing in a proper security training for employees, specifically designed to help spot suspicious or phishing emails and maintain good cyber hygiene can truly make a difference, especially now, with remote work in full swing.

Affected employees will be provided 1-year of free identity monitoring and, in case of any unfortunate events, $1 million is going towards identity fraud loss reimbursement that should cover legal costs and other expenses.

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

500 million WhatsApp mobile phone numbers are up for grabs on the dark web 500 million WhatsApp mobile phone numbers are up for grabs on the dark web
Alina BÎZGĂ

November 25, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip How to monitor your online privacy during your Thanksgiving trip
Alina BÎZGĂ

November 22, 2022

3 min read
Elasticsearch server actively scraping Mastodon user data; over 150,000 individuals exposed so far Elasticsearch server actively scraping Mastodon user data; over 150,000 individuals exposed so far
Alina BÎZGĂ

November 21, 2022

1 min read