Snatch’s cybercriminals have just added Ingenico to their list. This gang specializing in information theft threatens to publish internal data from this multinational of French origin, the world leader in the payment terminal market.
As noted by ZDNET.fr, four internal company documents were published by cybercriminals on their website to give credibility to their extortion attempt. These are various messages and documents, such as this weekly activity report or this spreadsheet. The sale on a forum of cybercriminals of sensitive data and access to Ingenico’s information systems had already been reported on twitter, last summer. It is unclear whether there is a connection between this announcement and the alleged data leak. But the company, in comments reported by Le Mag It, believes that the files put up for sale are stolen data dating from 2019. Clearly, there would be no cyberattack in progress and the sale would be more recycling.
Other French victims
Be that as it may, the multinational, which was swallowed up last year by Worldline, the former subsidiary of Atos, is not the only company of French origin to be in the sights of Snatch. The gang also put the companies Hensoldt France and Hemeria at the top of its list of victims. But again, these two victims have not just been hit by cybercriminals.
Hensoldt France – a defense company which took over part of the assets of Nexeya – had thus been the victim of a “serious” data leak in August 2022. The company Hemeria, a supplier to the space industry formerly in the fold from Nexeya, which became independent in 2019, had been the victim of an attack in April 2022. “Management said that it was not interested in the loss of data”, regret the cybercriminals in a recent message.
Although it had initially been identified as yet another gang specializing in ransomware, Snatch seems to have since focused solely on data leakage, a tropism already noticed in its early days. Thus, the profession of faith published on its site lists its methods in 17 points. The criminal organization ensures, for example, that it does not want to “disrupt supply chains” by encrypting data to favor the sole sale of stolen data. A kind of pivot among cybercriminals already observed by cybersecurity specialists, such as Coveware, which noticed more extortion attempts without encryption last year.
Article updated March 2 at 6:00 p.m. with Ingenico’s denial of a recent cyberattack.