loader gif

​Financial and private data of dozens of IT giants’ leaked following a cyber attack at CITYCOMP

​Financial and private data of dozens of IT giants’ leaked following a cyber attack at CITYCOMP
  • The affected companies include the names of Oracle, Airbus, Toshiba and Volkswagen.
  • CITYCOMP revealed that it had fallen victim to a ‘targeted’ cyber attack in early April this year.

Cybercriminals have hacked German-based CITYCOMP internet service provider in order to steal financial data of dozens of companies. The affected companies include the names of Oracle, Airbus, Toshiba and Volkswagen.

What happened?

In a statement issued this week, the company revealed that it had fallen victim to a ‘targeted’ cyberattack in early April this year. The attackers involved in the attack had stolen a trove of client and customer data.

Although the attackers’ identities are unknown, it appears that the attack was executed for the purpose of extortion. The firm said that the hackers had tried to force CITYCOMP to pay a ransom in return of the data. In case, the company fails to pay the ransom, the threat actors threatened to expose the data online.

What is the impact?

As CITYCOMP did not comply, the stolen data has been released on the internet.

"Since Citycomp does not comply with blackmail the publication of customer data could not be prevented. The stolen data has now been published by the perpetrators and Citycomp's customers were informed about it,” said the firm in its notification.

What kind of data is involved?

ZDNet has learned that the stolen data includes customer email addresses, telephone numbers, meeting reports, asset lists, and other sensitive details. It also contains payroll records, project sheets and accountancy statements.

Where is the data posted?

The leaked data has been posted to a .onion domain. Such domains can only be accessed through the Tor network. Threat actors have claimed to leak “312,570 files in 51,025 folders and over 516GB of data.” This includes the financial and private information of clients such as VAG, Ericsson, Leica, MAN, Toshiba, UniCredit, and British Telecom (BT).

The data dump also includes information related to ATOS, Grohe, Hugo Boss, Oracle, SAP, and Porsche, among others.

What action has been taken?

CITYCOMP has informed all its clients about the cyber attack and data theft. It is also working with State Criminal Police Office of Baden-Württemberg to enhance security measures of all systems.

loader gif