Saudi Aramco hit by 1TB data breach

The oil giant Saudi Aramco has fallen victim to a data breach in which hackers were able to steal 1TB of proprietary company data that the...

The oil giant Saudi Aramco has fallen victim to a data breach in which hackers were able to steal 1TB of proprietary company data that they're now trying to sell on the Dark Web.

As reported by BleepingComputer, the threat actors behind the breach did not manage to infiltrate the network and systems of the Saudi Arabian Oil Company but rather those of third-party contractors working for the company.

The cybercriminal group known as ZeroX is now selling 1TB of proprietary Saudi Aramco data on an online hacking forum starting at $5m but the price is negotiable. The group claims that the data itself was stolen from the company sometime last year though some of the files contained in the dump date all the way back to 1993.

BleepingComputer reached out to the threat actors that comprise ZeroX to find out how they gained access to the systems of Saudi Aramco's third-party contractors and while the group did not name the exact vulnerability that was exploited, they did say it was a zero-day.

The countdown begins

To stoke interest in its upcoming sale, ZeroX posted a small sample set of Saudi Aramco's data which contained blueprints and proprietary documents from the company with personally identifiable information (PII) redacted to a data breach marketplace forum back in June.

However, when the group made its first post, the .onion leak site used displayed a countdown timer that was set to 662 hours. Once this 28-day long timer comes to an end, the sale and negotiations for the data will begin. In a statement to BleepingComputer, ZeroX said that it intentionally chose “662 hours” as part of a “puzzle” for Saudi Aramco to solve.

According to ZeroX, the data dump contains full information on 14,254 employees including their names, photos passports, emails, phone numbers, residence permit (Iqama card) numbers, job title, ID numbers family information and more. However, it also contains project specifications, internal analysis reports, network layouts, location maps with precise coordinates and a list of Saudi Aramco's clients.

It's worth noting that the data breach suffered by Saudi Aramco's third-party contractors was neither a ransomware attack nor an extortion incident as ZeroX did not encrypt the company's systems or demand a ransom in exchange to unlock its data. Instead the group is selling off the data for $5m though it is also open to doing an exclusive, one-off sale in which it provides all of the data and wipes it from its systems for $50m.

We'll have to wait and see what happens when the countdown timer comes to an end but Saudi Aramco has said that the data breach has not affected its operations.

Via BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/3kB4SN8



Apps,3855,Business,147,Camera,1154,Earn $$$,1,Gadgets,1739,Games,924,Innovations,1,Mobile,1695,Paid Promotions,2,Promotions,2,Technology,7933,Trailers,795,Travel,36,Trendly News,19895,Video,4,XIAOMI,12,
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Saudi Aramco hit by 1TB data breach
Saudi Aramco hit by 1TB data breach
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy