The Royal Ransomware gang claimed responsibility for a cyber attack on telecommunications company Intrado on Tuesday.

Although Intrado has yet to share information regarding this incident, sources told BleepingComputer earlier this month that the attack began on December 1 and the initial ransom demand was $60 million. .

the Royal ransomware group, made up of experienced threat actors and operating without affiliates, allegedly stole some data from Intrado’s systems and is now threatening to post it on its data leak site unless the company pays the ransom.

Warning that stolen data will be leaked online is a common scare tactic used by ransomware gangs to scare victims into negotiating a deal or returning to the negotiating table.

The attackers claim to have obtained internal documents, passports and driver’s licenses of employees from compromised Intrado devices.

Although the ransomware gang has yet to disclose any of the allegedly exfiltrated files from Intrado’s network, they shared a 52.8MB archive containing scans of passports, business documents and driver’s licenses as proof of the breach.

Intrado has yet to respond to BleepingComputer’s multiple email and voicemail requests for comment.

Royal ransomware Intrado Data Leak
Royal ransomware Intrado Data Leak (BleepingComputer)

Probably linked to an outage in early December

The date of the initial breach coincides with a widespread outage that affected all of Intrado’s services, including Unified Communications Services, Healthcare, and Unified Communications as a Service (UCaaS).

“We are experiencing an issue with our internal network, the products are not affected at this time. However, this may impact your ability to reach us by phone,” Intrado said in an incident report Dec. 1.

“The best way to contact support is via email or chat. We will provide an update when this situation is resolved and apologize for any inconvenience.”

Sarah Lovenheim, spokeswoman for the US Department of Health and Human Services (HHS) said the next day that the Intrado network outage had been resolved, adding that “the disruption to phone service was unacceptable and HHS continues to investigate the root cause of the outage.”

However, while Intrado has restored most of the affected services, the company was still working on fully restoring health services a week ago.

“As of Wednesday, December 21, while we have made significant progress restoring service across all platforms, we are still experiencing intermittent issues with notifications not being performed for some accounts,” Intrado added.

Underside said it provides services to approximately 82% of Fortune 500 companies and manages approximately 20 billion annual telephony minutes.

The company colonized with the U.S. Federal Communications Commission for $1,750,000 last year to resolve an investigation into whether it failed to deliver 911 calls and timely notify the response points of the public safety during a 911 outage.


Source link