Maze ransomware group has today leaked tens of gigabytes of stolen data from LG and Xerox. Both the companies were breached last month, as per claims made by the Maze group. And after failed extortion attempts, the ransomware gang is now leaking the stolen data on their leak portal in the dark web.

Maze Ransomware Leak Stolen Data From LG and Xerox

Maze group is one of the prominent ones in ransomware space, where they follow the hit trend of stealing data before encrypting the network and extorting to leak data if the ransom is not paid. And now, it has done the same with their latest clients, LG and Xerox.

Maze ransomware has breached the networks of LG and Xerox in June this year and has stolen files worth 50.2GB and 25.8GB respectively. The group was now leaking all those stolen files in their infamous leak portal on the dark web.

Analyzing the incidents separately by ZDNet, LG has refused to give more information about the hack and directed to their communications team which has no proper response.

LG Leak
LG Leak

But, as per the Maze’s response to a question about this hack, they said to have skipped the encrypting part of their process, as their clients are socially significant and don’t want to disrupt their services. Thus, exfiltrated data of extorting ransom. On the other hand, in-depth details of the Xerox hack were not known too.

Xerox Leak
Xerox Leak

Though Xerox hasn’t replied to any of the ZDNet’s email queries, Maze group’s listing reveals the data about customer support operations was stolen. Though this isn’t as effective as customers’ data, it’s still a trove of the dump. On the other hand, LG’s leak contains the cloud-sourced firmware source code of various LG products like phones and laptops.

And since both LG and Xerox refused to surrender to Maze’s extortion attempts, the group has finally made leak entries for both companies in its portal and leaked the stolen data eventually. While the details of the hack aren’t known yet, Troy Mursch of Bad Packets says that usage of Citrix ADC servers has caused the attack.

LEAVE A REPLY

Please enter your comment!
Please enter your name here