ThyssenKrupp sample database for sale on data leak website

CloudSEK Threat Intelligence detects a sample database of the Engineering and Technology giant ThyssenKrupp that contains 30MB data for sale.

Updated on

April 19, 2023

Published on

October 19, 2020

Read MINUTES

Subscribe to the latest industry news, threats and resources.

Table of Contents

This is also a heading
This is a heading

In August 2020, Mount Locker ransomware gang targeted Engineering and Technology giant ThyssenKrupp in what appears to be a data breach. ThyssenKrupp is a German multinational conglomerate and with 670 subsidiaries worldwide it is one of the world’s largest steel producers. The company is based in Duisburg and Essen. One of their subsidiaries ThyssenKrupp Marine Systems manufactures frigates, corvettes and submarines for the German and foreign navies. And in a recent cyberattack targeting the group, Mount Locker ransomware operators advertise what seems to be 30 MB of data related to ThyssenKrupp System Engineering group. Mount Locker operators, who refer to their victims as clients, maintain a site in the dark web to display leaked data if the victim refuses to pay the demanded ransom. To authenticate the threat, they have posted part of ThyssenKrupp’s data publicly on their data leak website. The data is apparently being sold for 35 BTC. [caption id="attachment_8371" align="aligncenter" width="363"]

Source: Mount Locker PR site[/caption] [caption id="attachment_8373" align="aligncenter" width="624"]

Sample company data available for download[/caption]

Business Impact of Ransomware

Loss/ unavailability of critical data and other crucial information
Business downtime resulting in monetary loss
Business disruption after the attack
Loss of reputation and goodwill for the victim organization
Client lawsuits and compliance fines
Damage to hostage systems, data, and files

Mitigation

Defense in depth implementation
Strong network perimeter defense
Vulnerability and patch management
Impart security training to employees addressing dangers of social engineering
Practicing cyber hygiene
Periodic Vulnerability Assessment and Penetration Testing
Purple Teaming for organizations with mature cyber security programmes

CloudSEK Platform is a no-code platform that powers our products with predictive threat analytic capabilities.

Table of Contents

This is also a heading
This is a heading

Recent Articles

Critical CSRF Vulnerability in IBM CICS TX - CVE-2023-42027 Demands Immediate Action

November 15, 2023

CVE-2023-43792 baserCMS is a website development framework vulnerable to Code Injection attacks

November 6, 2023

Get Global Threat Intelligence on Real Time

Protect your business from cyber threats with real-time global threat intelligence data.. 30-day free and No Commitment Trial.

Schedule a Demo

Real time Threat Intelligence Data

More information and context about Underground Chatter

On-Demand Research Services

Global Threat Intelligence Feed

Protect and proceed with Actionable Intelligence

The Global Cyber Threat Intelligence Feed is an innovative platform that gathers information from various sources to help businesses and organizations stay ahead of potential cyber-attacks. This feed provides real-time updates on cyber threats, including malware, phishing scams, and other forms of cybercrime.

Trusted by 400+ Top organisations

Get started

Learn more