Extortionist-cum-information broker “Everest Group” has pulled off a swath of attacks against large organizations in the Middle East, Africa, Europe, and North America, and is now extorting victims over records stolen from their human resources departments. This May, the long-overlooked threat actor advertised nine new cyberattacks. Victims ranged from healthcare organizations to construction and facilities management companies. But its biggest win came against Coca-Cola, from which it stole records associated with hundreds of employees, including their personally identifying information (PII) like names and addresses, salary records, and scans of passports and visas. In each of these leaks, researchers from VenariX found files relating to SAP SuccessFactors, SAP’s cloud-based HR management platform. The researchers believe the attacks to be legitimate and estimate that initial access in each case likely occurred through a third-party SAP service provider called “INK IT Solutions.”
‘Everest Group’ Extorts Global Orgs via SAP’s HR Tool (Nate Nelson – Dark Reading)
Related articles
