Sensitive Data of Multiple Organisations Been Leaked by the PYSA/Mespinoza Ransomware Operators

As a part of regular darkweb and deep web monitoring, the Cyble Research Team came across several data leaks of well-established organisations been posted by a trending group of ransomware operators named PYSA/Mespinoza.

In this instance, our researchers identified and verified data leak of multiple organisations such as Diamond Box, Allard-Europe, Matthews, Fincamex, St Andrew’s College, Liberty Linehaul, and several others. All these organisations are known for their service, for instance, Matthews Australasia is the Australian leader in intelligent product identification, product inspection, and software traceability solutions. Similar to it, Allard-Europe one of the well-known casting steel and iron firms based in Belgium.

Below are snapshots of multiple organisations which are been targeted by PYSA ransomware operators.

Our researchers found this data leak to be interesting, and to keep people informed about the on-going data leaks which could help companies and people to take measures in order to keep their data secured. Below are few snapshots of the massive data leak being published by PYSA ransomware operators.

Payroll of Allard-Europe Company
A Policy Cover of Dimond Box Ltd
Credit Card Details of Users

We recommend people to:

  • Never share personal information, including financial information over the phone, email or SMSs
  • Use strong passwords and enforce multi-factor authentication where possible
  • Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
  • Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
  • Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
  • People who are concerned about their exposure in darkweb can register at AmiBreached.com to ascertain their exposure.

About Cyble:

Cyble is a US-based cyber threat intelligence company with the express mission to provide organizations with real-time views of their supply chain cyber threats and risks