Posted on April 18, 2023 at 8:48 PM

Hackers publish data stolen from US network infrastructure firm CommScope

Hackers have published data stolen from CommScope, one of the largest network infrastructure companies in the United States. The data stolen from the organization includes thousands of employee social security numbers and bank account details.

Hackers publish data stolen from CommScope

CommScope is a network infrastructure company based in North Carolina. The company is responsible for designing and manufacturing network infrastructure products for customers such as schools, hospitals, and US federal agencies. However, the company was the recent victim of a ransomware attack that has led to its data being published online.

The data stolen from this company was posted on the dark web leak site for the Vice Society ransomware group. The ransomware group has shared a link to the stolen information. Ransomware groups usually target organizations with the objective of financial extortion. The groups demand that companies pay them money to keep stolen data private. However, when companies fail to pay, the data is published online.

A report by TechCrunch noted that the data stolen and published by the hackers include the personal details of employees and some company records. This data includes internal documents, technical drawings, and invoices.

The employee data stolen includes the full names, email addresses, postal addresses, personal numbers, social security numbers, and bank account details. One of the folders containing the stolen information includes the scans of employee passports and visa documentation.

The hackers behind this exploit appeared to have obtained deep access to the company’s network. The hackers exfiltrated backups of data belonging to the MyCommSpace customer portal and the company’s internal intranet.

Some of the data stolen from the company was not encrypted. This data included email addresses from both customers and employees. The number of employees affected by this exploit has yet to be determined. However, CommScope has a global employee base of over 30,000 people.

CommScope acknowledges exploit

A spokesperson from CommScope has confirmed that this exploit took place. CommScope’s Cheryl Przychodni admitted that the company had detected unauthorized access to some of its IT infrastructure. According to the spokesperson, this exploit was caused by a ransomware attack on March 27.

“Upon discovery, we immediately launched a forensic investigation with the assistance of a leading cybersecurity firm and reported the matter to law enforcement,” Przychodni said. The spokesperson further said that the company was investigating the reports of this data being published online on the Vice Society platform.

The spokesperson said they were working alongside third-party experts to validate the claims of the data stolen from the company’s network being published online. Przychodni noted that the company prioritized understanding the nature of the information published. The company has also said it was working quickly to conduct an intense review of the data affected by this breach.

CommScope has also failed to confirm whether the leaked information includes employee details. Moreover, the company has not mentioned whether it has notified the employees affected by this breach. As aforementioned, one of the folders included customer email addresses, which is a major breach of privacy.

Przychodni said the company had not detected any evidence that hackers accessed customer data during the breach. However, the spokesperson failed to mention whether the company had other platforms, such as server logs, to determine the type of data that was stolen from its systems.

Neither the hackers nor CommScope has shared an in-depth analysis of how its systems were compromised. It is unclear how the hackers gained access to the company’s systems. Moreover, the company had not mentioned whether the Vice Society hackers contacted it before the hacker was published online.

The Vice Society ransomware group came into the limelight in 2022. At the time, the ransomware group targeted multiple sectors, including education and healthcare. One of the main hacking attacks conducted by the group was on the Los Angeles Unified School District (LAUSD), where 500GB worth of sensitive data was stolen.

The data these hackers stole included psychological assessments and various highly personal information belonging to students. The hack on LAUSD was one of the largest breaches that have ever happened at the company.

The ransomware group seems to have turned its attention to the manufacturing industry. A recent TrendMicro report said Vice Society would become a “significant player” in the ransomware sector and one of the most popular ransomware groups.