DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

AlphV claims an attack before even alerting the victim. How will that work out for them? (1)

Posted on December 3, 2023 by Dissent

So AlphV (aka BlackCat) is trying something different again, it seems.

This time, it seems they are claiming a victim before they have even attempted to contact the victim or extort them. They post no proof of claims. They state that they are taking this approach because the victim’s cyberinsurance policy does not cover extortion, and their research into the victim (Tipalti) and one of the victim’s clients (Roblox) suggests that their usual approach will not work. They intend to try to extort those firms and Twitch, all individually. Tipalti is an accounting software financial technology business that provides accounts payable, procurement and global payments automation software for businesses.

AlphV’s listing states, in part:

We have remained present, undetected, in multiple Tipali systems since September 8th 2023. Over 265GB+ of confidential business data belonging to the company, as well as its employees and clients has been exfiltrated. We remain committed to this exfiltration operation, so we plan to reach out to both these companies once the market opens on Monday as we believe we will have an even greater amount of data by then, in addition to the likely inability of the Tipali company to be able to contain our efforts by then,  given their incompetency and taking into account that an insider was , and is still actively involved. This article will be republished on Monday just before the market opens, to maximize the impact to the $RBLX stock price.

This listing is not the very nasty approach that we’ve seen in some other listings on that leak site, although there is a mention of “filthy criminals.” The claim that an insider is involved is noteworthy. Whether it is true or not is not something we are not likely to find out quickly, and it may just be a false claim made to make the firm doubt themselves and their own internal resources.

AlphV’s full listing also cites an academic reference on the potential benefit of paying ransom. It is not clear for whose benefit they have included that citation, but it’s interesting that they spend any time finding or including such material.

DataBreaches has sent an email inquiry to Tipalti, but no reply was immediately received. This post will be updated when they respond or issue a statement. For now, DataBreaches reminds readers that AlphV’s claims are unconfirmed.

Update 1: DataBreaches has not yet  received any reply from Tipalti, but a reader kindly sent us a link to an Israeli news source that did obtain a statement from them:

מטיפלתי נמסר: “אנחנו מכירים את הטענה הזו וחוקרים אותה. אנחנו לוקחים בכל החומרה והחשיבות את בטחון מידע לקוחותינו. נכון לרגע זה לא זיהינו כל אובדן מידע או פריצה למערכות שלנו”.

In Yandex translation:

A spokesman said: “We are aware of this allegation and are investigating it. We take the security of our customers’  information with the utmost seriousness and importance. At this time, we have not detected any data loss or breach of our systems.”

Category: Business SectorU.S.

Post navigation

← Norwegian Labor and Welfare Administration fined for data protection failures
Hackers steal IDF patient records from cyberattack on Israeli hospital (corrected) →

2 thoughts on “AlphV claims an attack before even alerting the victim. How will that work out for them? (1)”

  1. Anonymous says:
    December 4, 2023 at 10:28 am

    I would advise you to call tipalti as I did and they gave me generic info about it basically they said they are aware of the claims but at this time they haven’t found any evidence that data has been compromised but are continuing to investigate the concerns

    1. Dissent says:
      December 4, 2023 at 12:35 pm

      I already posted that statement from them yesterday.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Western intelligence agencies unite to expose Russian hacking campaign against logistics and tech firms
  • Disrupting Lumma Stealer: Microsoft leads global action against favored cybercrime tool
  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • Privilege Under Fire: Protecting Forensic Reports in the Wake of a Data Breach
  • Hacker who breached communications app used by Trump aide stole data from across US government
  • Massachusetts hacker to plead guilty to PowerSchool data breach (1)
  • Cyberattack brings down Kettering Health phone lines, MyChart patient portal access (1)
  • Gujarat ATS arrests 18-year-old for cyberattacks during Operation Sindoor
  • Hackers Nab 15 Years of UK Legal Aid Applicant Data
  • Supplier to major UK supermarkets Aldi, Tesco & Sainsbury’s hit by cyber attack with ransom demand

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • GDPR is cracking: Brussels rewrites its prized privacy law
  • Telegram Gave Authorities Data on More than 20,000 Users
  • Police secretly monitored New Orleans with facial recognition cameras
  • Cocospy stalkerware apps go offline after data breach
  • Drugmaker Regeneron to acquire 23andMe out of bankruptcy
  • Massachusetts Senate Committee Approves Robust Comprehensive Privacy Law

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.