A data server hosting multiple high-profile companies has fallen victim to hackers during a ruthless security breach. The attackers have shared stolen data publicly, and are demanding a sizable ransom in exchange for deleting the files. Worse yet, authorities still aren’t completely sure who the attackers are. With cyber attacks and ransomware incidents increasing in frequency, protecting your data online has never been more important. As this group of crooks is showing, though, bad guys are refining their tactics as well.

What companies were affected by this data breach?

Hackers recently struck a German-based hosting firm called Citycomp, whose clients included a number of valuable companies such as Oracle, Volkswagen, Toshiba, and Hugo Boss. The stolen material consists mostly of financial and personal data, with German offices of these companies more affected in particular.     Currently, the hackers are hosting the stolen data on a public-facing website where anyone can download and share it. As part of their strategy, the attackers are holding the information for ransom, and are demanding a payment in order to have the data removed from the host website.

How are Citycomp and authorities responding to the hack?

Citycomp has openly refused the demands of the hackers, and is currently awaiting results of police investigations into the cyber attack. Right now, authority figures are unsure of the true identity of the hackers, but have noticed a curious similarity between this incident and a recent ransomware campaign that struck elsewhere. The email address on the hackers’ website matches the email address from at least one previously identified ransomware scheme. This makes sense, as many professional hackers are repeat offenders who employ similar methods of harassment and bravado in their exploits. As for the hackers’ website where the stolen data is hosted, both Citycomp and authorities are not prioritizing any takedown at the moment. This means that anyone can visit the database, read the information inside, and share it if they choose to. I would caution against this, however, as authorities tracking the crime may have access to your IP address or other personal data. It’s equivalent to walking into a crime scene without any proper equipment. If you, or anyone you know, is an employee of one of these companies, you may want to change personal usernames or passwords as soon as you can. Even though the majority of victims in the attack are from Germany, an abundance of caution never hurts when it comes to data security. Going forward, hackers will continue to grow more bold as they learn what they can and cannot get away with. Thankfully, Citycomp is denying the hackers a platform to extort its business, which will hopefully set a precedent that deters future attackers from ransom-based tactics. Fighting back against hackers may seem like an uphill struggle, but they aren’t the only ones getting better at their jobs. As the investigation unrolls, we may end up learning more about who these hackers are, what was stolen, and why these companies in particular were targeted. Keep your eyes peeled and keep your private data safe — always.