Data from Simplicia’s French website has recently surfaced on a dark web hacker forum, with an anonymous user claiming to possess information on 152,000 employees as part of the Simplicia cyber attack. Although the user did not take responsibility for the attack itself, they did announce their possession of stolen data from a security incident that occurred last week.
Simplicia, a company established in September 2018, specializes in providing IT solutions aimed at saving time for clients and allowing them to focus on data analysis rather than data retrieval. The hacker forum user, who goes by the username ‘Nationalist,’ made the announcement on the dark web with the headline “Simplicia.co Database, Leaked – Download!” The post was made on September 3, indicating that the hacking of the targeted website took place in September.
It is speculated that the user either downloaded or purchased the stolen data from a hacker who was unsuccessful in obtaining a ransom from Simplicia. ‘Nationalist’ has also made 178 other posts on the dark web platform, suggesting their involvement in similar data leak trades in the past. However, it has not been confirmed whether the leaked data from Simplicia matches official records in the company’s systems.
The data that was released as a result of the Simplicia cyber attack includes personal information of 152,000 employees, such as their names, client IDs, employee leave data, reimbursement amounts, and refund dates. Additionally, the stolen data also includes the employees’ national identification numbers (NIR) and insurance codes.
The dark web, where this information was posted, is not indexed by search engines, making it difficult for the average internet user to access these marketplaces where stolen user data is traded. The dark web originated in March 2000 and gained popularity in 2002 when users started using The Onion Router (TOR) to access it. Over the years, the dark web has seen the release of over 1.2 million payment card details and a multitude of leaked passwords, with “Qwerty” and “123456” being the most common.
This incident serves as a reminder for users to be vigilant about their online security and to use strong, complex passwords to protect their information. Tools like Cyble’s dark web search portal called AMIBREACHED can help users check if their data has been released on the dark web.
It is important to note that this report is based on internal and external research and is provided for reference purposes only. Users should exercise caution and take full responsibility for their reliance on this information. The Cyber Express, the source of this report, assumes no liability for the accuracy or consequences of using this information.