Bleeping Computer yesterday reported that restaurant CRM platform SevenRooms confirms a data breach after data pops up on the dark web for sale. SevenRooms, the customer relationship management platform used by MGM Resents, Mandarin Oriental, Wolfgang Puck and many more, confirmed the data breach after a threat actor began selling stolen data on a hacking forum:
On December 15, a threat actor posted data samples on the Breached hacking forum, claiming to have stolen a 427 GB backup database with thousands of files containing information about SevenRooms customers.
The samples provided by the seller include folders named after big restaurant chains, clients of SevenRooms, API keys, promo codes, payment reports, reservation lists, and more.
After BleepingComptuer contacted SevenRooms about the data being sold online, they confirmed that it was their data was caused by unauthorized access to the systems of one of its vendors.
That’s not a good look. Apparently it was “a file transfer interface of a third-party vendor” that was pwned by the hackers in question. this interface has now been disabled. SevenRooms itself however has not been pwned.
Dr. Darren Williams, CEO and Founder, BlackFog had this commentary:
“The SevenRooms breach emphasizes the dominant trend from 2022, that data exfiltration is the main goal of all ransomware attacks. The days of data encryption are virtually behind us as the focus is on the monetization of the victim. By targeting the data the attacker has many different ways of making money, from the more blatant ransom on target, but increasingly on the victims who’s data has been exposed, which can be even more lucrative from a single exfiltration event. In addition, the data is often sold on the dark web for others to leverage into the future as evidenced from this attack.”
I would also say that attacks where connections with third parties are pwned are insanely common these days. Thus companies need to focus on those along with everything else that they need to lock down so that they don’t become the next story that I write about.
Like this:
Like Loading...
Related
This entry was posted on December 19, 2022 at 12:31 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
SevenRooms Confirms Data Breach After Data Put Up For Sale On The Dark Web
Bleeping Computer yesterday reported that restaurant CRM platform SevenRooms confirms a data breach after data pops up on the dark web for sale. SevenRooms, the customer relationship management platform used by MGM Resents, Mandarin Oriental, Wolfgang Puck and many more, confirmed the data breach after a threat actor began selling stolen data on a hacking forum:
On December 15, a threat actor posted data samples on the Breached hacking forum, claiming to have stolen a 427 GB backup database with thousands of files containing information about SevenRooms customers.
The samples provided by the seller include folders named after big restaurant chains, clients of SevenRooms, API keys, promo codes, payment reports, reservation lists, and more.
After BleepingComptuer contacted SevenRooms about the data being sold online, they confirmed that it was their data was caused by unauthorized access to the systems of one of its vendors.
That’s not a good look. Apparently it was “a file transfer interface of a third-party vendor” that was pwned by the hackers in question. this interface has now been disabled. SevenRooms itself however has not been pwned.
Dr. Darren Williams, CEO and Founder, BlackFog had this commentary:
“The SevenRooms breach emphasizes the dominant trend from 2022, that data exfiltration is the main goal of all ransomware attacks. The days of data encryption are virtually behind us as the focus is on the monetization of the victim. By targeting the data the attacker has many different ways of making money, from the more blatant ransom on target, but increasingly on the victims who’s data has been exposed, which can be even more lucrative from a single exfiltration event. In addition, the data is often sold on the dark web for others to leverage into the future as evidenced from this attack.”
I would also say that attacks where connections with third parties are pwned are insanely common these days. Thus companies need to focus on those along with everything else that they need to lock down so that they don’t become the next story that I write about.
Share this:
Like this:
Related
This entry was posted on December 19, 2022 at 12:31 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.