Hacker Leaks Data of Ecuador’s Public Telco Stolen Last Month During a Ransomware Attack

  • A forum user has posted a link to the dataset that was stolen from CNT during a ransomware attack last month.
  • CNT (Corporación Nacional de Telecomunicaciones) hasn’t acknowledged the data breach yet and continues to ignore it.
  • The data is now shared for free with a much wider audience than previously, so the implications have now become severe.

A hacker named ‘Holistic-K1ller has leaked the entire 11.23GB of the data set that was stolen from CNT (Corporación Nacional de Telecomunicaciones) last month from ransomware actors and is now sharing it for free via a Mega link posted on RaidForums. The forum listing confirms that the data is the same, and although the ransomware actors, ‘RansomEXX,’ initially claimed to have stolen 190 GB, they ended up posting 11.23 GB in 23 parts.

Source: RaidForums

The attack became evident via a disruption of CNT’s operations and, more specifically, the company’s payment portal and customer support service. On July 16, 2021, the state-run telecommunications carrier published a statement to inform its customers of an attack on their computer systems. On the same notice, CNT assured the public that no data had been accessed or stolen and that their internet connectivity, TV, and telecommunications services will remain unaffected.

Source: CNT

However, the RansomEXX posted the first samples of the data on July 21, 2021, when the initial negotiations for the payment of the ransom showed their first signs of a stall and eventually let it all out when it became clear that the firm wouldn’t pay them a dime. The leaked data includes documents containing sensitive information on CNT employees, names and contact details of clients, confidential documents like contracts with third parties, and even ID or driver’s license scans.

Although this data set has already been posted by the ransomware gang almost a month ago on the Tor extortion portal, seeing it shared for free on RaidForums makes a qualitative difference in the data breach incident. Not everyone knows how to access a Tor site, or is open to visiting a web page on the dark web, so even if the data was leaked there, they didn’t reach the wider audience that has access to a clearnet site like RaidForums. As such, the implications of the ransomware incident for CNT, its employees, and its clients have just taken shape on their actual proportions.

We have reached out to CNT to ask them about their plan on how to mitigate the effects of this data leak and the risks that arise for their customers, but we haven’t received a response from them yet. Unfortunately, the company is yet to confirm the data breach in the first place, so they’re still several steps behind the actual situation.

REVIEW OVERVIEW

Latest

Why Is Demon Slayer So Popular?

In August 2019, the world suddenly started talking about an anime series that had just released its nineteenth episode. Fast forward to...

F1 Live Stream 2022: How to Watch Formula 1 Without Cable

There's not much time until the 2022 Formula 1 World Championship gets underway - the first race is scheduled for late March,...

Disney+ Announces Basketball Series Inspired By Award-Winning Book The Crossover

Disney Plus announced a new basketball-themed drama series that is set to land on the streaming platform, drawing inspiration from the critically...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari