Firstmac, an Australian financial institution, became the target of a cyber attack believed to be carried out by the Embargo ransomware group. The attack occurred on April 30th, 2024, when the hackers encrypted Firstmac’s servers and managed to steal approximately 500GB of sensitive data, including names, addresses, email credentials, and bank details.
Despite the ransom demands made by the cybercriminals, Firstmac made a bold decision not to give in to their demands. As a result, the Embargo ransomware group leaked the stolen information onto the dark web on May 8th, 2024. Subsequently, the stolen data was acquired by a third party who was willing to pay a substantial sum for access to the compromised information.
Following the breach, Firstmac took swift action to address the situation. The affected systems were immediately isolated, and efforts to recover the compromised data are currently in progress. The company reassured stakeholders that its operations are running smoothly and emphasized its stance of not negotiating with cybercriminals. Firstmac also expressed confidence in its recovery plan and ongoing efforts to secure its systems against future attacks.
Meanwhile, in a separate incident involving Europol, a threat actor known as “IntelBroker” has been actively selling stolen data related to the organization. The data being sold reportedly includes classified information, with screenshots shared on various platforms, including X, revealing FOUO (For Official Use Only) source code.
IntelBroker has demanded payment in XMR cryptocurrency, which is known for its privacy features that ensure anonymity in transactions and shield them from crypto sensors. While the accuracy of the stolen data has not been confirmed by Europol, the threat actor has also been selling information related to Five Eyes Intelligence, allegedly stolen from tech provider Acuity.
As cybersecurity threats continue to evolve and cybercriminals become more sophisticated in their methods, organizations like Firstmac and Europol are facing increasing challenges in protecting their sensitive information. It is crucial for companies to invest in robust cybersecurity measures and remain vigilant against potential cyber attacks to safeguard their data and maintain the trust of their stakeholders. The incidents involving Firstmac and Europol serve as important reminders of the constant threat posed by cybercriminals and the critical importance of implementing strong cybersecurity protocols to mitigate risks and protect valuable information.