Employees at CommScope claim they haven’t heard from officials about the company’s response to a ransomware assault that allowed hackers to steal vast amounts of corporate and employee data from its networks in more than a week.
The IT firm recently acknowledged that it had been on the watchlist of a ransomware attack on (March 27) in which part of the company’s stolen files later showed up online. The company develops network infrastructure technologies for businesses, hospitals, schools, and federal networks.
Vice Society, a ransomware group that extorts victims by threatening to reveal internal files if a ransom demand isn’t met, claimed credit for the attack by putting the company’s stolen data to its dark web leak site.
Internal documents, technical drawings, company databases, invoices, and spending records are all part of the stolen material. Personal data about the employees is also included in some of the data.
According to several CommScope employees who spoke with TechCrunch, the company’s leadership last communicated with them regarding the cyberattack on April 18 and stated that they were maintaining a rapid pace of scrutiny and validation of the data purportedly provided on the dark web.
In an email to staff members, CommScope general counsel Justin Choi stated, Any employee information related to this incident, in our opinion, was unintentionally kept outside of our cloud-based human resources information systems.
The corporation claimed in an email sent to employees the day before that it “does not have evidence” that employee data was at issue.
Files containing the personal information of thousands of CommScope employees have been obtained by TechCrunch. (Home addresses, Social Security no’s, and bank account details) are all included in the files. Given that they were created by a CommScope employee who is no longer employed, some of the files are outdated.
A list of thousands of ex-employees with their names, addresses, and Social Security numbers may be found in another file. A folder containing scans of some employees’ current passports and immigration visas, including one for a child, is among the most recent material.
CommScope declined to reveal how many people it had informed of the incident so far when contacted for comment.
CommScope is moving pretty fast to estimate the affected data as part of its inquiry. Although we’re working as swiftly as we can, these data evaluations take time, and we want to be precise and thorough in our notifications to affected parties. As we have done throughout the duration of this incident, we continue to have direct communication with our staff as necessary, according to CommScope spokesperson Cheryl Przychodni.
Employees at the company told TechCrunch that the ransomware attack caused several days of general disruption throughout the business, including at the facility where some of the company’s products are manufactured.
On a coworker’s office computer, a ransom note allegedly said, “All of your files have been encrypted by Vice Society.” The ransom note has multiple email addresses that the gang uses to negotiate a ransom with victims as well as links to Vice Society’s dark web leak site that contains the company’s stolen files.
The hacking gang responded to TechCrunch’s email by asking, “Where did you get this mail?” If CommScope paid a ransom is unclear.
CommScope employees say they haven’t heard from officials in over a week regarding the company’s response to a ransomware assault that stole reams of corporate and employee data. After some of its stolen files appeared online, the IT behemoth, which designs and implements network infrastructure products for enterprises, hospitals, schools, and federal networks, acknowledged to a March 27 ransomware attack. By uploading the company’s stolen data to its dark web leak site, Vice Society, a ransomware group, claimed responsibility for the attack.
Vice Society extorts victims by threatening to divulge internal files if a ransom isn’t paid. Internal records, technical drawings, company databases, invoicing, and spending were stolen. Data contains employee personal information. Several CommScope employees told TechCrunch that officials last spoke about the cyberattack on April 18, saying the business was still working quickly to evaluate and verify the information that was allegedly shared on the dark web.