Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Hackers post passport images and photos of storage units after claiming the hack of a UK self-storage company.
The Anubis ransomware gang has listed Storage King UK as a hacking victim on its darknet leak site, sharing a raft of passport scans it said belong to customers of the popular self-storage chain.
“Do you like it when people air your dirty laundry in public? I don’t think so,” Anubis said in a 30 September leak post.
“Well, if you happen to be a Storage King customer, I have bad news for you: you’re at risk!
“Usually, the phrase ‘air dirty laundry in public’ is used quite metaphorically, but here we literally have photos of customers’ personal belongings leaked for all to see.”
There are 15 photos of what appears to be the interior of a storage unit, complete with boxes, furniture, and other personal items. Anubis also shared the passport of the person renting the unit, naming them personally in the process, along with their residential address and personal email.
The hackers suggested that anyone reading the leak post contact the individual. But that’s not the only passport shared by the hackers – another scan shows dozens of identity documents that allegedly belong to Storage King customers.
“Photos of your stuff posted online can certainly be very unpleasant, but overall, they don’t pose a real threat,” Anubis said.
“Besides, to be honest, there aren’t that many of them, but what there really is a lot of is customers’ personal data, and this is definitely a serious threat to their security, because such data is of great interest to malicious actors.”
The hackers have already posted what appears to be the entire exfiltrated data set, which includes insurance documents, employee information, and scans of identity documents.
“Now the company must face the consequences of its decisions. They will have to make every effort to regain customer trust,” Anubis said.
“And the customers themselves can only hope that the consequences will not be too serious for them.”
Anubis has form when it comes to taking advantage of the personal nature of the data it has stolen. The hackers targeted the Pound Road Medical Centre in late 2024, sharing patient information and security footage from inside the medical centre as part of a leak post, alongside claims that it had found evidence of malpractice at the clinic.
At the time, the Pound Road Medical Centre was the group’s first and only victim. Since then, Anubis has claimed 14 more victims, including Storage King UK. The group is far from the most active ransomware operation at the time of publishing, but it may be one of the most aggressive.
Anubis describes itself as a specialist in “disseminating company data leaks supplied to us by our anonymous sources”.
Despite sharing similar branding and logos, Storage King UK is unrelated to the Australian self-storage company of the same name, leading several open-source threat intelligence feeds to incorrectly attribute the victim of this attack as Storage King Australia. Storage King UK has facilities in 48 locations around the UK.
Cyber Daily has reached out to Storage King UK for comment.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
