- IdeaLab confirms it suffered a data breach, offers identity theft protection and credit monitoring
- Recently-departed ransomware operators Hunters International took responsibility
- The decryption key were recently published
Technology startup incubator IdeaLab has confirmed suffered a cyberattack in which it lost sensitive company files.
The organization confirmed the news after an extensive investigation that took almost a year, noting in a data breach notification letter sent earlier to affected individuals the attack most likely took place on October 4 2024, when cybercriminals accessed its network and stole sensitive information on current and former employees, current and former support service contractors, and their dependents.
We don’t know exactly how many people were affected by this attack, or what the nature of the data is. IdeaLab just said the attackers took people’s names, in combination with “variable data”.
Smuggling through
Still, it offers affected individuals complimentary identity theft protection services through IDX, which includes 24 months of credit and dark web monitoring, a $1 million identity fraud loss reimbursement policy, and fully managed identity theft recovery services.
At the same time, the media reported that a ransomware operation known as Hunters International took responsibility for the attack, adding the stolen data to its leak site, likely after a failed extortion attempt.
Allegedly, the leaked archive was 262.8 GB in size, and contained 137,000 files. Interestingly enough, earlier today Hunters International announced it was disbanding, apologized for the inconvenience caused, and shared decryption keys for all of its victims. It’s safe to assume IdeaLab is included in this list, as well.
The motive behind the shutdown remains in the domain of speculation, with multiple security outfits believing the group was simply rebranding in order to hide its tracks from law enforcement and cut ties with previous affiliates.
Researchers from Recorded Future, Group-IB, and many others, have pointed out that Hunters International recently launched a parallel operation called World Leaks, that does not deploy encryptors and just focuses on extortion.
Via BleepingComputer
Leave a comment