Just last month, various databases and cloud storage servers belonging to Tivit, a Brasilian based IT solutions and network storage provider, were hacked/compromised by unnamed assailants using phishing assault.
In a series of leaks across Twitter over a 5 day time period, between December 7th-12th 2018, the login user names and credentials to more than a dozen Tivit cloud storage clients/accounts were dumped online.
This incident involved data from 19 other companies including kitchen appliances company Faber, Swiss insurance company Zurich, Brazilian financial institution Banco Original, software firm SAP and more.
At the present moment in time no one has claimed responsibility for the hack, and it appears as though though the Twitter handle used to leak the information online (@infoleakbr) was created earlier this month exclusively for this very purpose.
About the incident in question, as was explained by security experts, there are almost a thousand lines of code that appear to contain internal company routines, as well as access credentials of different large enterprise customers. The data seem to be internal process documentation of the company itself, and it is uncertain whether they were the product of an offensive action or published involuntarily by misunderstanding.
These are the Identifiable Clients Exposed by the phishing assault breach:
- CIP – hxxps://www.cip-bancos.org.br/SitePages/Home.aspx
- BROOKFIELD ENERGIA – hxxps://renewableops.brookfield.com/en/presence/latin-america
- JMACEDO – hxxp://www.jmacedo.com.br/
- MULTIPLAN – hxxp://multiplan.com.br/
- BRASKEM – hxxps://www.braskem.com.br/
- BANCO ORIGINAL – hxxps://www.original.com.br/
- FABER – hxxp://www.faber-castell.com.br/
- SAE – hxxp://portal.saebrasil.org.br/
- MITSUI – hxxps://www.mitsui.com/br/en/index.html
- ZURICH – hxxps://www.zurich.com.br/
- KLABIN – hxxps://www.klabin.com.br/en/home/
- VOTORANTIM – hxxp://www.votorantim.com.br/
- SEBRAE – hxxp://www.sebrae.com.br/sites/PortalSebrae
Tivit affirmed t that nine of its representatives fell for an email phishing assault a week ago. This enabled the assailants to access the databases put away in their frameworks. Nonetheless, the organization affirmed that neither its datacenters nor customer systems were invaded.
The firm additionally said that the episode was restricted just to the PCs utilized by the nine workers that had been focused by the phishing assault.
“We have been managing this issue as an issue of high need and have procured outside lawful and IT support to guarantee that all measures are set up to keep that from happening once more,” Tivit said.