Cyberattack: data from the Pau airport and business school published by hackers

A group of hackers published data from Pau-Pyrénées airport, the Pau business school and the city’s digital campus. The information contains administrative documents as well as employee information.

Data from three institutions in the city of Pau ended up online on May 26. The hacker group Monti Ransomware has disclosed a large database on its darknet site including documents from Pau-Pyrénées airport, the Eklore business school (formerly CNPC) and the Pau digital campus.

Documents published on the Monti Ransomware website.  // Source: Numerama
Documents published on the Monti Ransomware website. // Source: Numerama

Numerama was able to consult part of these files. These mainly consist of administrative documents, internal regulations, invoices, etc. However, we quickly come across the personal information of many employees as well as HR reports.

How did the data from three establishments from three different sectors end up online? According to Sud-Ouest, the hackers would have targeted the local chamber of commerce and industry (CCI) before attacking other entities. The airport, the business school and the digital campus all suffered a ransomware cyberattack on May 13. “ Investigations are underway, a cybersecurity service provider is involved and a complaint is planned », declared the CCI Pau Béarn to Sud-Ouest.

A growing group of hackers

Monti operates like any ransomware group: once hackers infiltrate the system, they exfiltrate data and cripple the system. Cybercriminals then demand an astronomical ransom from the victim if they do not want their data to end up on the web. Note that in France, administrations and public establishments have a rule not to pay ransoms.

This Monti cyberattack is one of the first large-scale attacks in France. This group of hackers, born in 2022, recovered malicious tools from the famous Conti collective, a cybercriminal organization dissolved after Ukraine’s invasion of Russia. One of the members of the gang had posted all the source code of their software online after the support of the Kremlin leaders in its war against Ukraine.

Monti recycled these programs and uses them again today. The specialized media The Record also notes that hackers improve their code by reinvesting ransom payments. A good reason already

Subscribe for free to Artificielles, our newsletter on AI, designed by AIs, verified by Numerama!

Source link -100