Breach Notification , Cybercrime , Fraud Management & Cybercrime
Hackers Claim They Breached Telecom Firm in Singapore
Threat Actor GhostR Says It Stole 34 GB of DataA financially motivated hacker claims to have stolen over 34 gigabytes of data belonging to Singapore-based telecom company Absolute Telecom PTE Ltd.
See Also: The Expert Guide to Mitigating Ransomware & Extortion Attacks
Information Security Media Group could not immediately verify the legitimacy of the data. The sample data appear to include internal data such as login details, passwords and subscribers information.
The hacker dubbed GhostR claims to have access to the company's data including corporate, accounting, sales, customers, full credit card details and call records.
Absolute Telecom, registered in Singapore, It provides voice call services to enterprises including SIP Trunking, Enterprise PBX solution, Ribbon Enterprise Products and Telco grade IVR. The company did not immediately respond to a request for comment.
With a track record of data breaches claimed on a criminal forum named BreachForums, GhostR last week allegedly stole data from an Australian logistics company Victorian Freight Specialists.
BreachForums, an English-language criminal forum, was recently targeted by the FBI for seizure. Although, the site administrators managed to resume operations on the seized domain after a Hong Kong-based registrar restored their account, allowing them to regain control before transitioning to a different registrar.
Since then, the site has hosted data from high-profile breaches, including those affecting TicketMaster and the Spanish multinational bank Santander.
GhostR recently gained notoriety by threatening to release records stolen from World-Check, a database banks and institutions use to combat financial crimes and enforce sanctions.
The threat actor posted a spreadsheet with names of royal family members worldwide, showing accurate information.
GhostR also published spreadsheets listing identified terrorists, which also appear to refer to real persons. None of the spreadsheets includes contact information or other sensitive data beyond birthdates.