Ransomware attacks continue
This week, LockBit added four entities related to South America: Chile, Colombia, and Venezuela:
Comision Nacional de Acreditación in Chile
CNA is a public entity that seeks to evaluate and accredit the quality of the Institutions of Higher Education in Chile. DataBreaches sent an email to them yesterday to ask them if they have had a ransomware incident, but no reply was received.
DataBreaches also asked LockBitSupport about this incident on Tox, but they, too, did not respond and then they were offline for many hours earlier today.
The CNA attack was revealed only a few weeks after the SERNAC.cl attack and the CSIRT warning to Chilean entities to be on the alert for ransomware attacks.
Independence
Independence is a Colombian firm that provides drilling and maintenance services for oil and gas wells, as well as extraction and treatment services for groundwater. LockBit claims to have exfiltrated 180 GB of information from this company.
DataBreaches found no statement or notice on Independence’s website, and could not find any social media accounts that have been recently active.
Quintal
Quintal is a Colombian firm that proudly claims it contributes to the development of the agricultural, construction, metallurgical and energy sectors through the manufacture and distribution of manganese-based chemicals and the commercialization of supplies for foundries and steel mills.
DataBreaches found nothing on their site that indicated any breach or disruption, and found nothing in social media about any attack other than sites noting that LockBit had listed it.
Makler
Makler is a Venezuelan insurance brokerage firm. They, too, were added to LockBit’s leak site, but like the other sites, there was no proof pack offered at this point, and there is nothing on Makler’s website or on social media that would confirm any breach.
Because LockBit may not always be accurate in naming their victims, DataBreaches considers all of these claims as unconfirmed at this point.
Peru: Instituto De Desarrollo Profesional
Data allegedly from Peru’s Instituto De Desarrollo Profesional (IDEPRO) was found on a popular hacking-related forum. IDEPRO is a national entity created to promote and implement initiatives for the professional development of the country.
The forum user who listed it and who has a positive reputation on the forum claims to have 1GB of data in SQL format. The data allegedly represents 1,100 individuals and can be obtained by anyone having sufficient forum credits. There was no freely viewable sample that DataBreaches could check, but according to a tweet, the data includes id, auth, username, password, name, email, phone, and address.
DataBreaches contacted the national center of digital security of Peru to alert them to this report. They responded as follows ” Good afternoon. Thank you for the information provided. We are coordinating with the corresponding institutions.”
There is no notice on IDEPRO’s website at time of publication to indicate any security incident or breach, but from the national center’s response, this sounds like a confirmed incident.
Editing by Dissent