DragonForce group claims the theft of data after Co-op cyberattack

Article thumbnail image

This post was originally published on Security Affairs. It can be found here.

Hackers claim Co-op cyberattack is worse than admitted, with major customer and employee data stolen, and provide proof to the BBC.

The attackers behind the recent Co-op cyberattack, who go online with the name DragonForce, told the BBC that they had stolen data from the British retail and provided proof of the data breach.

Hackers shared screenshots with BBC of their first extortion message to Co-op’s cyber chief via Microsoft Teams on 25 April. They also called the head of security at the company around a week ago.

Initially, the company declared that there was “no evidence that customer data was compromised”.

However, the British consumer co-operative owned Co-op later confirmed that threat actors accessed data belonging to current and past members, BBC reported.

“The cyber criminals claim to have the private information of 20 million people who signed up to Co-op’s membership scheme, but the firm would not confirm that number.” reads the post published by BBC.

The DragonForce group also claimed the attack on M&S and told BBC that they have attempted to hack Harrods.

The threat actors accessed the company’s internal Teams, leaked staff credentials and 10,000 customer records containing Co-op membership card numbers, names, home addresses, emails, and phone numbers. BBC pointed out that after having verified data, they destroyed it.

“This data includes Co-op Group members’ personal data such as names and contact details, and did not include members’ passwords, bank or credit card details, transactions or information relating to any members’ or customers’ products or services with the Co-op Group,” a spokesperson told BBC.

DragonForce ransomware group scrambles victims’ data and demands a ransom; they are also known to steal victims’ data. DragonForce runs a cybercrime affiliate service, letting affiliates use its tools to launch attacks and extort victims. The group manages both Telegram and Discord channels, cybersecurity experts believe it is composed of English-speaking teenagers.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

This post was originally published on this site

Forum Search

Partners & Sponsors
  • University of Baltimore
  • Towson University
  • Bureau of Justice Assistance
  • National Science Foundation
LATEST FORUM POSTS
Test post2

Test Post2

By Demo User12, 1 year ago

Finding internships

Hello, Has anyone here secured any forensic related internships for 2024? I'm collecting some data and wanted to know what...

By AP Malla, 1 year ago

Beginner network forensic investigation

How should I approach network forensic? Would you recommend learning tools like WireShark?

By AP Malla, 1 year ago

Cyber Forensic Employment: High level guidelines

Understand the Basics: Know the Field: Cyber forensics involves investigating digital crimes, analyzing electronic data, and recovering hidden, deleted, or...

By AP Malla, 1 year ago

LATEST POSTS
The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang
Article thumbnail image
Hackers claim Co-op cyberattack is worse than admitted, with major customer and
Article thumbnail image
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Yii Framework
Article thumbnail image
Ireland’s Data Protection Commission (DPC) fined TikTok €530M for violating