Dragos writes:
On May 8, 2023, a known cybercriminal group attempted and failed at an extortion scheme against Dragos. No Dragos systems were breached, including anything related to the Dragos Platform.
Dragos has a culture of transparency and a commitment to providing educational material to the community. This is why it’s important to us to share what happened during a recent failed extortion scheme against Dragos in which a cybercriminal group attempted to compromise our information resources. We want to share this experience with the community, describe how we prevented it from being much worse, and, hopefully, help de-stigmatize security events.
Read their full report on their blog.
It appears that their attacker was not thrilled with their report. As seen on vx-underground, someone claimed that Dragos was attempting to downplay the incident instead of reaching a resolution with a “respected party.” They also claim to have exfiltrated 130GB+ of data.
