Egregor ransomware operators have breached the network of the multinational human resource consulting firm Randstad NV and have stolen unencrypted files during the attack.
Randstad operates in 39 countries and employs over 38,000 people and generated €23.7 billion in revenue for 2019.
The Egregor ransomware operators published 1% of the alleged stolen data as proof of the attack. The archive is 32.7MB in size and contains 184 files.
The leaked files include financial reports, legal documents, and accounting spreadsheets.
Randstad published a data breach notification to disclose the incident and confirmed that the Egregor ransomware infected its systems.
“Randstad NV (“Randstad”) recently became aware of malicious activity in its IT environment and an internal investigation into this incident was launched immediately with our 24/7 incident response team. Third party cyber security and forensic experts were engaged to assist with the investigation and remediation of the incident.” reads the statement published by the company.
The human resource consulting firm revealed that the malware only infected a limited number of servers and that the operations were not impacted.
The company added that attackers accessed data related to their operations in the US, Poland, Italy, and France, but the investigation is still ongoing.
“To date, our investigation has revealed that the Egregor group obtained unauthorized and unlawful access to our global IT environment and to certain data, in particular related to our operations in the US, Poland, Italy and France. They have now published what is claimed to be a subset of that data.” continues the notification. “The investigation is ongoing to identify what data has been accessed, including personal data, so that we can take appropriate action with regard to identifying and notifying relevant parties.”
Egregor ransomware operators are very active in this period, this week they hit Metro Vancouver’s transportation agency TransLink causing the disruption of its services and payment systems.
(SecurityAffairs – hacking, Randstad)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.