Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

760,000 Employee Records From Several Major Firms Leaked Online

A hacker has posted online over 760,000 records belonging to employees of Bank of America, Koch, Nokia, JLL, Xerox, Morgan Stanley, and Bridgewater.

The information of more than 760,000 employees of several major organizations emerged online on Monday morning after a threat actor dumped it on a popular hacking forum.

The data apparently originates from last year’s massive MOVEit hack, in which a zero-day vulnerability in Progress Software’s file transfer software was used to steal sensitive information from thousands of organizations.

Roughly 2,800 organizations and close to 100 million individuals were affected by the attack, which is believed to have been carried out by the Russia-linked Cl0p ransomware gang.

The newly emerged data was posted on Monday on the BreachForums cybercrime forum by a threat actor named Nam3l3ss, who was previously associated with other data dumps linked to the MOVEit hack.

The leaked information apparently belongs to Bank of America, Koch, Nokia, JLL, Xerox, Morgan Stanley, and Bridgewater, and mainly includes names, employee emails, phone numbers, work ID numbers, job titles, and manager names.

Atlas Privacy-maintained data breach reporting service DataBreach, which added the data to its database to help individuals discover if they were impacted, believes that the information likely comes from Cl0p, but was filtered to extract relevant details.

“We believe the data originates from the Cl0p ransomware group, who frequently exploit vulnerabilities like MOVEit to exfiltrate and publish sensitive data as part of their extortion campaigns. It’s likely Name3l3ss dug through terabytes of darkweb data and repackaged it for wider consumption,” Atlas Privacy co-founder and CSO Tsachi (Zack) Ganot told SecurityWeek.

Atlas has sifted through the data and assesses that it belongs to 288,297 individuals working at Bank of America, 237,487 employees from Koch, 94,253 from Nokia, 62,349 from JLL, 42,735 from Xerox, 32,861 from Morgan Stanley, and 2,141 from Bridgewater.

Advertisement. Scroll to continue reading.

“This type of data provides threat actors with a detailed organizational map, making it valuable for social engineering attacks. Some breaches also contain supplementary information, such as real estate lease records or project documents, though these appear less substantial,” Ganot said.

The new data was leaked roughly three weeks after Nam3l3ss dumped on BreachForums a database containing the personal and work-related information of Amazon employees.

Related: Russian Hacker With $10 Million Bounty on His Head Reportedly Arrested

Related: Hackers Redirect $250,000 Payment in iLearningEngines Cyberattack

Related: Hacker Stole Secrets From OpenAI

Related: French Computer Hacker Jailed in US

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.