Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Japanese IT services multinational says “monitoring continues” following listing by Coinbase Cartel ransomware group.
Japanese IT giant NTT Data was recently listed on the darknet leak site of a newcomer ransomware gang called Coinbase Cartel.
However, while the company is aware of the listing, it is denying any data compromise despite the hackers’ claims.
“We are aware of this matter but have not confirmed any data leakage,” an NTT Data spokesperson told Cyber Daily.
“Monitoring continues.”
While Coinbase Cartel describes NTT Data as the victim, it appears the actual data breach may relate to a company acquired by NTT Data in 2022, the US-based digital transformation firm Vectorform. That latter company is listed in the header of the leak post, so it’s likely the hackers compromised a server that once belonged to the company before its acquisition.
Coinbase Cartel has not published any data as of the time of publication.
NTT Data and its 2022 acquisition were among ten victims claimed by Coinbase Cartel on September 15, when the gang first emerged on the darknet. Other victims include Canadian financial services firm Desjardins, South Korean telco SK Telecom, and hydrogen fuel cell manufacturer Plug Power.
According to the hackers’ leak site, the group “specialises in data acquisition through system access and strategic partnerships”.
“We focus exclusively on data exfiltration – our operations never involve system encryption or operational disruption.”
The group says it focuses on gaining leverage, not disrupting the systems of its victims. It’s a strictly non-political group, and its targeting, it says, is largely opportunistic. Coinbase Cartel also appears to be actively seeking partners in crime.
“We welcome strategic collaboration opportunities with organisations and individuals who possess authorised access to corporate systems or proprietary data, provided appropriate documentation of ownership can be verified,” Coinbase Cartel said.
“Compensation structures are tailored to each partnership arrangement, with options including fixed-rate agreements or revenue-sharing models based on the nature and value of the collaboration.”
While NTT Data appears to have dodged a bullet in this instance, it wasn’t so lucky earlier in the year. The company disclosed a February data breach in March, saying it had “discovered that its facilities had been illegally accessed on February 5, and confirmed on February 6 that some information may have been leaked (hereinafter referred to as the “Incident”)”.
“As a result of our internal investigation, we have discovered that some of the information about services for corporate customers stored in our internal system, the Order Information Distribution System 1 , may have been leaked to the outside. Please note that information about services for individual customers was not included.”
The data of 17,891 companies was impacted by the incident.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
