Miami-based tech firm Intcomex reportedly suffered from a major data breach that exposed almost 1 TB of user data. According to Security Magazine, the breach most likely stemmed from a failed ransom negotiation with the tech firm.
Intcomex is a leading technology company that provides solutions and technology products to Latin America and the Caribbean, servicing more than 50,000 resellers in over 41 countries. It currently distributes a wide variety of computer parts and systems, mobile devices, software, cloud technology solutions, among others.
Following the ransom negotiation failure, the data was made available on an open Russian forum. Cybernews states that it first discovered a posting on the platform was made on September 14, 2020, while the second posting and part of the leak was made on September 20, 2020.
Security Magazine states that the files have been titled ‘Internal Audit’ and ‘Finance ER’ accordingly. The malicious attacker responsible for leaking user data maintained that the database will be revealed to the public over time.
Cybernews states that the folder names dictate that the most recent data found on the files were from July of this year.
Moreover, the hacker stated that the remaining data to be uploaded on the Russian platform are among the most sensitive and private information. These include full credit card information, Social Security numbers, passport details, license scans, bank documents, payroll information, and many others.
The data compromised include credit card information, such as the cardholder’s full name, the CVV2, the credit card number, and the expiration date.
Besides these, document scans, such as users’ the United States and Latin American passports, Social Security numbers, and profiles, as well as driver’s license scans, have also been made vulnerable to the public. Dates of birth, addresses, and zip codes also remain part of the full database obtained by the leaker.
Cybernews shares that payroll information, bank documents, accounting and finance details, customer databases, contragents databases, and employee information have also been compromised in the data breach.
Following this discovery, Cybernews alerted Intcomex about the incident on September 21, 2020, and a company spokesperson acknowledged that the server belonged to the tech firm.
In a statement, the spokesperson said, “Intcomex internally detected and responded to a cyber attack involving some of our systems. Upon learning of the incident, we took decisive steps to address the situation and protect our systems. We immediately engaged third-party cybersecurity experts to assist us in the investigation and we have implemented additional enhanced security measures.”
Apart from the aforementioned, the Intcomex representative also shared that the tech company has already reached out to law enforcement agencies to help with the incident. Likewise, the firm has also started notifying individuals affected by the data breach.