DDoSecrets, a WikiLeaks-like repository run by transparency activists, publishes 1TB of data from five companies that was first leaked by ransomware hackers.
“This is the largest release of secret documents in the history of mankind,” said DDoSecrets founder and director Miyuki Jokandi. “It’s like we’re throwing a grenade into all these companies. The public deserves to know what is being done to them.”
The data was obtained from several sources, from individual insiders to hacktivists and even hackers who use ransomware as a business model. Most of it was obtained as an outcome of extortion attempts.
“We take all threats against our customers extremely seriously and we’re investigating this matter as a priority,” said Accellion when asked for comment.
The companies were notified in advance, but not the public. Those who paid got the data back. DDoSecrets says that it decided to publish the data because it has a moral obligation to do so, especially in light of the recent WannaCry ransomware attack. “We have seen several incidents where companies have refused to give in to ransom demands,” said Jokandi. “While we applaud those who had the courage not to cave in to these criminals, we also worry about what happens with the data that was stolen. We could not allow this to happen. We have done everything we could to prevent it.”
The release of the data has caused concern among law enforcement officials about how it might be used.
“I think that right now there’s a lot of uncertainty as to what can and cannot be done with this data,” said Tarik El-Bashir, assistant special agent in charge of the FBI’s cyber division in San Francisco. “It’s very revealing, but it’s also very dangerous at times. It’s important for us to use the right tools and address this issue in a smart way.”
Jokandi removed more than half of the data from the DDoSecrets website, fearing that it might cause some kind of terrorist attack. People can still download the rest from torrents and other sites that have been set up to host it. So far, however, there has been no reporting about any significant security issues resulting from its publication.
The companies whose data has been released are Accellion; Commtouch; Confideo, which is located in Luxembourg but lists an address in Poland; and Hytrust, which is based in Italy.
Accellion describes itself as a “leading provider of contact center solutions,” including voice and online chat support. It offers its products under the brand TelekomunikationsService GmbH, sometimes called TCS. A different company, known as TCS, is involved in the background of a number of cyber attacks against United States government and defense institutions.
Confideo is actually a software development company based in Luxembourg that also provides services to other companies. It’s part of the NorthPix Group that provides “information security technologies and services,” especially “defense intelligence and security consulting” to private-sector clients.
Commtouch, which was acquired by Verizon only last month for $1.5 billion, appears to provide some kind of cybersecurity solutions, but it’s unclear what exactly it has to do with the rest of the companies that were hacked.
Hytrust appears to be a company engaged in securing payment systems, as well as providing services to other companies. It has offices in Italy and Luxembourg.
The final two companies are based in the United Kingdom and Switzerland respectively. That’s where they are listed on their official websites. They sell information security products under several names, including Honeywell International and CSR plc.
CSR claims to be a “leading provider of customer service software, consulting and managed services to Fortune 500 companies.” It is unclear what kind of data it was storing, but it has been referred to as a contact log management company.
Honeywell says that it provides businesses and government agencies with “solutions that enable them to minimize risk and capitalize on opportunities.” It offers malware detection software, endpoint security and even wireless access points.