FlagThis - #hellcat

Ascom, a Swiss global solutions provider specializing in healthcare and enterprise communication systems, has confirmed a cyberattack on its IT infrastructure. The attack, suspected to be carried out by the Hellcat group, exploited vulnerabilities in Jira servers. The company revealed that hackers breached its technical ticketing system.

The Hellcat group claimed responsibility, stating they stole approximately 44GB of data potentially impacting all of Ascom's divisions. Hellcat hackers are known for using compromised credentials to infiltrate Jira systems, leading to data breaches in multiple organizations. Security experts advise implementing multi-factor authentication, regular security audits, prompt patching, and employee training to mitigate such attacks.


References :

• Sam Bent: Ascom Hit by Cyberattack: Hellcat Group Exploits Jira Server Vulnerabilities
• The DefendOps Diaries: HellCat Hackers Exploit Jira: A Global Cybersecurity Threat
• BleepingComputer: Hellcat hackers go on a worldwide Jira hacking spree
• securityaffairs.com: Security Affairs Article about Ransomware Group Claims Attacks on Ascom

Classification:

• HashTags: #Ransomware #Healthcare #Cyberattack
• Company: Ascom
• Target: Ascom
• Attacker: Hellcat
• Product: Jira
• Feature: data theft
• Malware: Jira exploits
• Type: Ransomware
• Severity: Major

Orange Group has confirmed a data breach affecting its Romanian branch after a hacker, allegedly associated with the HellCat ransomware group and known as "Rey," breached their systems. The breach resulted in the exposure of over 380,000 email addresses and other sensitive data belonging to customers, partners, and employees. The attacker claims to have stolen thousands of internal documents after infiltrating the company’s infrastructure, and demanded a ransom which Orange refused to pay.

The leaked dataset includes over 600,000 customer records, employee details, financial documents, and source code. While the breach did not impact Orange’s core services, the company acknowledges major security gaps were highlighted as attackers had access to Orange’s systems for over a month before exfiltrating the data. This incident follows a similar cyber incident reported by Orange Spain just last week, increasing concerns about data security in the telecom sector.


References :

• Dataconomy: dataconomy.com on Orange Group data breach: Every step explained
• The420.in: the420.in on Orange Group Suffers Data Breach: Hacker Claims Theft of Thousands of Internal Documents
• www.cybersecurity-insiders.com: Orange Group, a telecom services provider based in France, has confirmed that one of its internal systems at its Romanian branch was breached by a cyber attacker identified as “Rey,â€� an individual reportedly associated with the HellCat ransomware group.
• bsky.app: French telecommunications and digital services provider Orange confirmed that a hacker breached their systems and stole company data that includes customer, partners, and employee information.
• CyberInsider: Confirmation of a data breach impacting the French telecommunications and digital service provider Orange Group, following the leak of internal documents, particularly those affecting Orange Romania.

Classification:

• HashTags: #DataBreach #Ransomware #OrangeGroup
• Company: Orange
• Target: Orange Group
• Product: internal systems
• Feature: data theft
• Malware: HellCat
• Type: DataBreach
• Severity: Major