A data breach affecting the UK-based online document signing and digital signature creation service provider, SigningHub, has been claimed by IntelBroker, a notorious threat actor within the hacker community. The breach, brought to light on nuovo BreachForums, unveiled critical elements of SigningHub’s infrastructure, such as API services, docker container files, certificates, libraries, and other sensitive data.
The ramifications of this breach extend not only to SigningHub but also to its parent company, Ascertia Limited, based in Surrey, United Kingdom. The breach, disclosed by IntelBroker on May 8, 2024, pertains to an incident that transpired in December 2023.
In the wake of the data leak, IntelBroker has received accolades from other users in the hacker community for this intrusion, with statements praising the leak of SigningHub’s source code as a significant accomplishment. The post shared by the threat actor, titled “SigningHub – File Signing SRC Leaked, Download!”, showcased the extent of the breach and its impact.
Efforts to extract more information about the SigningHub data leak from Ascertia have been met with silence, as no official statement or response has been released as of yet. This lack of communication has left the claims surrounding the source code leak unvalidated, causing unease among users and stakeholders.
To gain insight into the motives and techniques employed by IntelBroker, The Cyber Express engaged in a dialogue with the threat actor. In a recent interview, IntelBroker elucidated on their hacking journey, affiliations, and previous exploits, underscoring the scale and sophistication of their operations.
IntelBroker’s history includes a string of notable breaches across sectors such as aviation, technology, and government agencies. Targeted organizations like Los Angeles International Airport, Acuity, General Electric, and DC Health Link have all fallen victim to IntelBroker’s cyber incursions, exposing vulnerabilities in their digital infrastructure.
The alleged breach at SigningHub represents another chapter in IntelBroker’s cyber operations, adding complexity to their portfolio of data breaches in 2024. This incident underscores the urgency of addressing security concerns within organizations to safeguard against further breaches.
The Cyber Express remains vigilant in monitoring the situation and will provide updates on the SigningHub data leak as more information becomes available or any official confirmation is received from the organization.
Please note that the information presented in this report is based on internal and external research and is intended for reference purposes only. Users are advised to exercise caution and verify the accuracy of the information provided. The Cyber Express assumes no responsibility for any consequences arising from the use of this information.
As the story unfolds, the cybersecurity landscape continues to evolve, highlighting the importance of robust security measures to mitigate the risks posed by cyber threats and data breaches. Stay tuned for further developments as the investigation into the SigningHub data leak progresses.