In a new incident, Maze ransomware claims to have stolen over 11 million credit card data and other bank data of Banco de Costa Rica (BCR). This was found by BleepingComputer on Maze ransomwareโs leak site, as they claimed to have first accessed the bankโs network in August 2019 and later in February 2020, but did not encrypt any data as it would make it hard amidst this pandemic. There isnโt any official confirmation from the bank yet.
Sneaked Twice, but havenโt encrypted the network
Maze ransomware is so infamous for its hits against reputed organizations. It has previously attached Southwire, Cognizant, etc. While it intends to steal data and encrypt the network before asking for a ransom, itโs slightly different now. In the case of Banco de Costa Rica (BCR), it decided not to encrypt, but just steal and ask for ransom.
Banco de Costa Rica (BCR) is a state-owned bank of Costa Rica. And it has millions of accounts from various nations. Itโs now said to be breached by Maze ransomware authors, whoโve posted a part of their stolen data on their leak site. BleepingComputer reported that Maze ransomware claims to have targeted Banco de Costa Rica (BCR) initially in August 2019, but did not steal or encrypt the network.
After this, they again sneaked into the network in February this year, and still found the system isnโt encrypted yet. Thus, they had stolen the data but even didnโt encrypt the web, citing the reason as it โwas at least incorrect during the world pandemic.โ And those stolen records consists of years of bank data and over 11 million records of credit card data. This includes the over 4 million unique card data and at least 140,000 records belonging to US citizens.
To prove this, the ransomware authors have posted a snippet of the stolen data, which contained 240 records of credit card data. It has the card numbers (with four digits removed), expiration data, and CVV codes. The bank hasnโt made any official comments yet. Until then, itโs suggested to those whoโre having bank accounts with BCR to call the bank and know their status of compromise and check their card activity.
Via: BleepingComputer