The hacking organization DarkSide claimed on Wednesday that it had attacked three other companies, despite the global outcry against its attack on the Colonial Pipeline this week, which has led to gasoline shortages and panic purchases on the East Coast of the United States
In the past 24 hours, the team has published the names of three new companies on its dark web site, called DarkSide Leaks. The information posted to the site includes a summary that appears to have been stolen by hackers but does not contain the original data. DarkSide is a criminal group whose claims should be considered potentially misleading.
The post indicated that in the face of the FBI’s investigation and the Biden administration’s condemnation of the attack, the hacker community did not back down. This also indicates that the organization intends to carry out more ransom attacks on the company, even if it released a secret message earlier this week that it regretted the impact of the colonial pipeline hacking incident and promised to introduce “moderate”
One of the companies is located in the United States, one is in Brazil, and the third is in Scotland. None of them seem to be involved in the critical infrastructure. Every company seems to be small enough that if hackers are not infamous worldwide for disrupting gasoline supplies in the United States, then terrifying hackers will fly around under the radar.
This American company is a technical service distributor based in Illinois. DarkSide claims to have stolen more than 600 GB of sensitive information, including passwords, financial information, HR information and employee passports.
The Brazilian company is a reseller of renewable energy products, and DarkSide claims to own more than 400 megabytes of data, including “customer’s personal data” and “agreement details.”
The Scottish company is engaged in the construction industry, and DarkSide claims that it has stolen 900 GB of data in three years, including contract, commercial and personal data.
CNBC has contacted the two companies to comment on the apparent ransomware attack.