[German]The US platform Dolly.com has fallen victim to a ransomware attack. The company paid to avoid publishing data. However, the cyber criminals were not satisfied and published the captured data anyway, as research shows.
Dolly.com is a platform for removals and on-demand deliveries in the USA, where helpers can register or customers can book services.
The platform was the victim of a cyberattack in which personal data was stolen from the platform. Allegedly, the platform then paid a ransom to the cybercriminals to prevent the data from being published. As it turned out, the cybercriminals published the data anyway.
The latest research by the Cybernews team shows that the attackers published the stolen data. The attackers posted details of the Dolly.com hack on a notorious Russian-language forum usually used by ransomware operators and traders of stolen data. The Cybernews team believes that the cybercriminals obtained sensitive company and customer data, such as:
- High level account credentials
- Credit card information
- Customer addresses
- customer names
- Registration data
- User emails
- System data
And why did the cybercriminals publish the data after payment? The criminals complained that the payment was not generous enough, which was allegedly the reason for the publication. And that's not all: the criminals also shared a chat with the company in a criminal underground forum.
"Dolly.com paid the ransomware operator to prevent the attack from becoming public. The attackers considered the sum insufficient. This was later presented as the main motivation for publicizing the hack and announcing a data auction with sample files and freely downloadable archive dumps," according to Cybernews researchers. Details can be read here.
