Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Rogers Says Hackers Accessed Small Number of Business Accounts

A hacker group called TeamHans has leaked hundreds of megabytes of data allegedly stolen from the systems of Canadian communications and media company Rogers.

A hacker group called TeamHans has leaked hundreds of megabytes of data allegedly stolen from the systems of Canadian communications and media company Rogers.

According to DataBreaches.net, the attackers leaked sensitive corporate information such as contracts, emails, documents, and even VPN data. TeamHans said it gained access to the information on February 20 after tricking support staff into changing the password for an employee’s email account.

The information found in the targeted employee’s email account led TeamHans to an online tool used by Rogers to manage contracts.

The attackers attempted to blackmail Rogers and asked the company to pay 70 Bitcoins in exchange for not leaking the stolen information.

Contacted by SecurityWeek, Rogers said the attackers gained access to a single email account belonging to an enterprise sales employee.

“A single email address of one of our enterprise sales employees, who managed a small number of medium business accounts, was accessed last week by a third party due to human error. The third party was able to access a small number of business agreements managed by this employee,” Rogers said in an emailed statement.

The agreements accessed by the hackers included business names, business addresses, business phone numbers and pricing details. However, they didn’t contain personal or financial information. The attackers haven’t accessed consumer accounts, Rogers said. 

“As soon as we discovered the situation we took all the necessary steps to secure our systems. We are working with the police and we have been contacting affected business customers,” the company noted. “As a precaution, we’ve put additional security procedures in place for our business customers. We take the privacy and security of our customers’ information very seriously and we will continue to review our policies and procedures.”

This isn’t the first time Rogers employees have fallen victim to social engineering. In March 2014, Canadian Bitcoins accused Rogers staff of facilitating a data breach that resulted in the theft of $100,000 worth of Bitcoins.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack