The shipping company Corsica Ferries was the victim of a cyberattack which resulted in the theft of thousands of internal files, some potentially containing banking and personal data.
Corsica Ferries is in the eye of the storm after suffering a serious incident a few days ago, in the form of a computer attack. The Franco-Italian company had no less than 101 GB of confidential data stolen. The hackers, affiliated with the ALPHV group, made the stolen information available, explaining that the company had “ decided not to cooperate “.
A leak following an attack that hit Corsica Ferries at the end of October
The end of the holidays was very complicated for Corsica Ferries, which had informed its customers on October 27, 2023 of an interruption of its servers, with the website and the application unavailable for a while. The next day, the company announced a return to normal. Except that behind the scenes, it was much more tumultuous than on the Mediterranean Sea.
Corsica Ferries was hit by the ALPHV group, also known as BlackCat and Noberus, an entity specializing in ransomware. On its page, accessible from the dark web, we found the “ad” filed and claimed by ALPHV. On the latter, we find traces of a 101 GB file put online on 1er November, and which is now no longer available. What stolen data was held up by the hackers?
Stolen data, yes, but not necessarily information from the company’s customers
According to the hackers, the stolen files folder contains a lot of miscellaneous information, including:
- data from banking services (billing and others),
- personal information,
- internal documents, such as ship drawings.
Among the documents that were visible on the ALPHV window, we find an extract from the accounts, which shows the costs incurred for the company’s advertising campaigns carried out in Europe, or the costs of press relations in Italy, or that of call centers. A banking transaction between Corsica Ferries and one of its subsidiaries was also viewable.
It is unknown whether personal and banking data belonging to the company’s customers were part of the package. What is certain is that the ALPHV group decided to publish the file, due to the lack of cooperation from Corsica Ferries. Translate here that the company probably did not pay the demanded ransom.
3