Maze Ransomware group claims to have breached and stolen sensitive data from Conduent, a multi-national business services firm. This claim was supported by dumping a gigabyte worth of stolen data, which has some company’s financials in spreadsheets. There’s no official announcement from Conduent yet; thus, no information on how it was infected and the amount to ransom demanded.
Conduent is a large IT and business services company, which serves most of the Fortune 500 companies’ work. It’s having tens of thousands of employees working across the 40 countries, and reported over $4.47 billion in revenue last year. Ans this huge corp is now under strain from Maze ransomware gang, which claims to have breached the company’s network in May this year.
Samples Supporting Their Claims
Maze group further claims it has stolen data from unencrypted files and encrypted the computers. And to support their claim, they’ve played a 1GB worth of data in the form of two files. Mentioned as BusinessIntelligence.zip and Compliance1.zip, these contain various spreadsheets of financials, invoices, customer audits, commission statements, and other miscellaneous documents.
And since there’s no official confirmation from the company yet, there’s no word on how many devices were encrypted and how much ransom is being demanded. It’s unclear what services have been disrupted and how Maze authors have infiltrated into the company’s network. But, a warning from the Maze group is familiar to post the stolen data publicly if the ransom was denied.
Maze ransomware, this infamous group was praised by dark community for popularizing the theme of leaking stolen data. Thus, whenever a victim doesn’t pay the asked ransom, ransomware groups will publicize the stolen data, which can be used by other adversaries for exploiting any further.