Campari, the hacker attack and the 15 million dollar ransom: “The data of 4,700 employees stolen”

Acomplex December for the party Campari. A new segment adds to the story of the ransomware attack last month in which the company experienced the theft of 2 terabytes of data, followed by the threat of releasing it if the company did not pay $15 million.

08:19 GMT, Saturday, December 5, 2020

“now able to confirm that some personal and corporate data have been compromised”now able to check that no personal and corporate information has been compromised. The business estimates that 4,736 personnel, 1,443 retired workers, and 1,088 consultants are interested in the data. In the Campari Network, among the ‘stolen’ details, name, nickname, e-mail address, cell phone numbers, position and identification number of employees. In addition to some contracts, documents and personal data, accounting data mainly referring to the US subsidiary of the group”

Overall, this is personal and company data which has been exfiltrated (i.e. copied to another server), encrypted or manipulated in scientific jargon. This include, for example, client business records and payment data, as well as applicant curriculum vitae and proprietary business documentation and information (such as analyzes, presentations, accounting). Owing to the effects of the attack, the content of which can not yet be known,”The content of which cannot yet be determined due to the consequences of the attack,”

Hazards and protections

For workers, leaked data is a serious concern. The lack of anonymity exposes the company’s staff and former collaborators to the unauthorized use by the Campari group of contact information, phishing and theft attempts, modification of payment data and consequent payment errors.

The most traditional situation is the alteration of an Iban code. The organization has issued a range of safety tips for this reason, including not responding to unusual requests or communications and not opening any links until you are completely confident that it is from a reputable source. The group then reiterates the attention paid to the already continuing inquiries that seek to protect both servers and end-user devices by hardening steps and a multifactorial authentication mechanism.

With a view to preventing unwanted entry. “The investigation into the information potentially acquired or compromised is continuing and we are in constant contact with the data protection authorities as well as fully collaborating with the police forces” Campari added.