BlackCat ransomware used a SIM card to steal 120 GB of medical data

Lord777

The incident sparked discussions about the security of SMS authentication.

Advarra, a company that provides services for medical research and clinical trials, was attacked by cybercriminals associated with the ALPHV/BlackCat ransomware group. The attackers used the SIM Swapping method, transferring the phone number of one of the company's top managers to their SIM card, which allowed them to gain access to the victim's work and personal accounts. The incident sparked discussions about the security of authentication via SMS and voice calls, which may be vulnerable to such attacks.

The attackers claimed that they were able to steal more than 120 GB of data, including personal information of customers, patients and employees of the company, both current and past. They also published the personal details of a minor and a scanned passport of one of the Advarra executives as evidence of the intrusion.

Message about the Advarra hack on the website

However, after the hackers' statements, a notice appeared on the leak site stating that Advarra must make contact within 24 hours, otherwise all the stolen information would be published. The hacking and data theft occurred on October 25. According to one of the participants in the attack, the managers knew about the hacking on October 25, but did not pay the extortionists and did not even negotiate with them. Despite the threats, the company said that the situation is under control and that no systems that customers and partners work with have been compromised.

An Advarra representative confirmed to The Register that the employee was indeed a victim of the attack, but says the company has taken measures to prevent further access and is investigating with the involvement of cybersecurity experts and federal law enforcement agencies. According to them, the company's business operations are not disrupted and all systems are functioning normally.
 