Home SECURITY South African development bank DBSA hit by Akira ransomware attack

South African development bank DBSA hit by Akira ransomware attack

South African development bank DBSA hit by Akira ransomware attack


South African development bank DBSA hit by Akira ransomware attack

An extensive list of data was stolen, including information from employees, partners and customers of the bank.

South African Development Bank (Development Bank of Southern Africa, DBSA), which invests in infrastructure projects and educational projects in South Africa, reported last Monday that last month was the victim of a ransomware attack that encrypted the bank’s servers, event logs and documents by the Akira hacker group.

Bank officials said the attack took place on May 21, and the hackers threatened to release the stolen information unless a ransom was paid, the amount of which was not specified. Considering that the bank’s net income is about 120 million dollars a year, it can be assumed that the extortionists also requested a far from small amount.

“After the discovery of the incident, DBSA immediately investigated and determined that company names, directors and shareholders, addresses, identification documents, phone numbers and email addresses may have been illegally obtained or acquired by attackers,” the bank said.

Many of the documents also contained details of the various organizations’ commercial or employment relationships with the DBSA and other financial information.

The bank’s investigation into this incident is ongoing, but DBSA representatives have warned that hackers may be trying to impersonate bank partners using the compromised information received.

“DBSA encourages its partners and customers to remain vigilant and alert for any indication that their personal information is being misused. And also be extremely careful about any potentially unauthorized actions, ”the bank explained.

The bank reportedly notified its employees of the personal data breach on Monday by sending out relevant emails.

Since the attack, the company has been able to restore its IT environment and drive the hackers out of internal systems. Several South African law enforcement agencies and regulators are involved in the incident investigation. The DBSA has also hired a forensic expert to monitor information leaks on the dark web.

The Akira group has been active since at least March of this year, but it became widely known about it only in May, after report release MalwareHunterTeam about the activities of hackers. Cybercriminals are remembered for their individual approach to ransom. So, they always clearly assess the size of the company and its operating profit, and are even ready to make some concessions in any given situation.


Source link



Please enter your comment!
Please enter your name here