Spanish telecommunications firm Telefónica confirms that its inner ticketing system was breached after stolen information was leaked on a hacking discussion board.
Telefónica is a Spanish multinational telecommunications firm that operates in twelve nations and has greater than 104,000 workers. The corporate is the most important telecommunications agency in Spain and operates underneath the title Movistar.
In an electronic mail despatched to BleepingComputer in the present day, Telefónica confirmed that its ticketing system was breached and is investigating the incident.
“We’ve got been made conscious of unauthorized entry to an inner ticketing system that we use at Telefónica,” Telefónica advised BleepingComputer.
“We’re at the moment investigating the scope of the incident and have taken steps to dam any unauthorized entry to the system.”
This affirmation comes after a Telefónica Jira database was leaked on a hacking discussion board, with the breach being claimed by 4 individuals utilizing the aliases DNA, Grep, Pryx and Rey.
Supply: BleepingComputer
One of many attackers, Pryx, advised BleepingComputer that the “inner ticketing system” is an inner Jira growth and ticketing server, utilized by the corporate to report and resolve inner points.
BleepingComputer was advised that the system was breached yesterday utilizing compromised worker credentials, and Telefónica blocked its entry in the present day after performing password resets on the affected accounts.
Utilizing the compromised worker accounts, the risk actors say they have been in a position to extract roughly 2.3 GB of paperwork, tickets, and varied information. Whereas a few of this information was labeled as clients, BleepingComputer was advised that the tickets have been opened with @telefonica.com electronic mail addresses, so it’s attainable that tickets have been opened on behalf of consumers.
Pryx says they didn’t contact the corporate or try to extort them earlier than leaking the info on-line.
Three individuals behind this assault, Grep, Pryx and Rey, are additionally members of a just lately launched ransomware operation referred to as Hellcat ransomware.
Hellcat is answerable for a latest Schneider Electrical breachthe place 40 GB of knowledge was stolen from the corporate’s JIRA server.
