Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Hackers threaten to publish stolen data within days as leak site entry viewed more than 1,300 times.
The Space Bears ransomware operation has listed Sydney-based managed services provider Vertel as a victim on its ransomware leak site.
In a post dated 18 June, the gang claimed to have successfully exfiltrated data, including SQL databases, client personal information, and financial documents.
The hackers did not share any details regarding the total volume of data compromised during the attack, but it is threatening to publish the data before the end of June.
Historically, Space Bears will either publish the data if a victim fails to pay a ransom or will sell particularly useful data to any third party willing to pay.
Vertel has confirmed it is recovering from the incident.
“On Friday, 13 June, Vertel began responding to a cyber security incident,” a Vertel spokesperson told Cyber Daily on 19 June.
“To support our ongoing investigation, Vertel has engaged external cyber security experts at CyberCX, and response firm Atmos, and is working with relevant government authorities.
“Key lines of effort that our independent cyber security experts are working to understand include confirming the nature and extent of the incident, and identifying if data may have been accessed or stolen.”
Vertel confirmed that the incident has impacted its ability to provide services to its customers and clients.
“We know and appreciate that customers will be keen to understand how this incident may have impacted them. Our teams will work directly with customers where we establish any impact to them as we continue our work,” the spokesperson said.
“The security and privacy of our customers, our people and the broader community are our top priority.
“Our teams remain available to you, and can be contacted in relation to this matter via our dedicated mailbox: [email protected].”
Space Bears is a relative newcomer on the ransomware scene, first appearing in April 2024 and racking up 73 victims since then. The group’s leak site outlines the steps that victims need to take once targeted.
“If you see that a timer is running in your company’s block, you have a chance to avoid a data leak,” Space Bears’ About page said.
“To do this, you need to write to us in the ‘CONTACT’ form and indicate your details. Our support team will contact you shortly and help you.”
Space Bears’ most recent Australian victim was financial services aggregator 3P Corporation, which was listed on the gang’s leak site in late May. Despite denying that any data was impacted by the attack, large amounts of client data was compromised, including several thousand tax file numbers, bank account details, and employee payslips.
Vertel provides ICT and telecommunications services to a wide range of clients from both the public and private sectors. It provides network solutions, communications, cloud computing services, SaaS and security services. Its recent clients include Airservices Australia, the NSW government, NSW Ambulance, and ACT water supplier Icon Water.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
