Bits ‘n Pieces (Trozos y Piezas)

Posted on by chum1ng0

ES: Cosmetics firm added by LockBit

Skin and hair products firm Montibello has been added by  LockBit3.0  to their leaks page. The listing was added on February 14th but without any filetree or proof. DataBreaches emailed  Montibello to see if they would confirm or deny an attack but received no reply.  There is nothing on their website or social media accounts about any attack. DataBreaches considers this an unconfirmed claim at this time.

AR: Energy company attacked by LockBit3.0

Grupo Albanesi is a private company dedicated to the distribution of energy in Argentina. As with Montibello, it was added to LockBit3.0’s leak site on February without any proof. And like Montibello, there is no mention on their website or social media accounts of any incident.

An inquiry submitted to them on their site did not receive a reply.

MX: Personal and sensitive information on Financiera Reyes customers leaked (Update)

DataBreaches previously reported that LockBit3.0 had claimed Financiera Reyes as a victim but had provided no proof and Financiera Reyes had not responded to inquiries from DataBreaches.

Financiera Reyes describes itself as a multiple purpose financial company, “non-regulated entity, which does not require authorization from the Ministry of Finance and Public Credit for its constitution and operation, however, it is subject to the supervision of the National Banking and Securities Commission, solely for the purposes of the provisions of article 56 of the General Law of Auxiliary Credit Organizations and Activities.”

Data leaked by LockBit confirm LockBit’s claimed attack. The files include documents related to future credit or customers and other files with personal information such as an INE (National Electoral Institute) record, a service ticket, and  a document called “Direccion General Del Registro Civil” Nacimiento. An .xlsx file called “Circulocredfinanciera”  also included personal data of people who have requested credit. Files in one folder contained files from 2020 to early 2022 with detailed information on people.

First part of spreadsheet with personal information redacted.
Fields in the first part of the spreadsheet include paternal surname, maternal surname, names, date of birth, RFC, CURP, social security number, IFE voter code, address, population, and neighborhood. Image and redaction: DataBreaches.net.

 

Second part of spreadsheet with personal information redacted.
Fields in the second part of the spreadsheet include delegation municipality, city, state, postal code, telephone number, company name, address, population neighborhood, telephone number, position, and salary. Image and redaction: DataBreaches.net.

 

Part 3 of spreadsheet with personal information redacted.
Fields in the third part of the spreadsheet include current account, payment numbers, amount to pay, last payment date, last purchase date, account closing date, cut-off date, maximum credit, current balance, credit limit, and overdue balance. Image and redaction: DataBreaches.net.

 

Part 4 of spreadsheet with personal information redacted.
The fourth part of the spread sheet includes fields for first default date, unpaid balance, last payment amount, monthly terms, origination credit amount, and consumer email address. Image and redaction: DataBreaches.net.

The file illustrated above is just one of a number of such files that have been leaked.

More than two months after the attack was first disclosed by LockBit, there is still no notice of any kind on Financiera Reye’s website, and again they have not responded to inquiries. DataBreaches does not know if they have notified any regulators or consumers.

Edited by Dissent.


Related:

Category: Breach IncidentsFinancial SectorMalwareNon-U.S.