Blackcat Hackers: 170GB sensitive data stolen from Krishi Bank
Notorious ransomware group ALPHV, also known as BlackCat, has claimed responsibility for a targeted attack on Bangladesh Krishi Bank.
According to a blog post published by ALPHV on July 7, the hackers successfully breached the bank's security, gaining access to sensitive data and paralysing its operations.
ALPHV, also known as ALPHV-ng, BlackCat, and Noberus, is a ransomware-as-a-service (RaaS) group that emerged in November 2021.
According to the ALPHV post, the group infiltrated Bangladesh Krishi Bank's network on June 21 this year and downloaded over 170GB of crucial information.
The compromised information includes highly sensitive financial records such as account details, statements, and tax information. The hackers also acquired employee data, including emails, passport copies, labour papers, and employment contracts, potentially exposing the personal information of the bank's employees. The group also obtained the bank's SQL backup on June 19.
"We are here to inform you about a data breach which took place at the 'Bangladesh Krishi Bank' network on June 21st 2023. As a result of this breach, our team had downloaded over 170GB of sensitive data from this network. Also we have encrypted all servers and data stored there. We have infiltrated Krishi Bank network and stayed there for 12 days, it was enough to study their documentation and download everything that was needed," says the ALPHV post.
The bank did not respond to the attack and did not engage in any discussions regarding data recovery, prompting ALPHV to issue a warning. The group urged all investors who entrusted their funds to Bangladesh Krishi Bank to withdraw their investments within seven days. The warning message was dispatched to contacts and emails procured from the stolen data, the post adds.
The group set a 72-hour deadline starting from July 8 for the bank's top management to contact it. The post also says the hackers implanted potent backdoor tools deep within the bank's network infrastructure, ensuring future access and enabling them to return at will.
"IT-management of this bank does not have enough qualification and skills to protect their data."
Earlier, on June 27, it was reported that a security leak from the website of the Office of the Registrar General, Birth & Death Registration had left more than 5 crore citizens' personal information exposed on the internet. The government's Computer Incident Response Team confirmed the data breach.