Numerous data thefts have occurred in France in recent months. After two mutual insurance companies targeted and the massive hacking of France Travail (formerly Pôle Emploi), 52 GB of sensitive information was stolen from the Intersport brand by a group called Hunters.
25,000 files concerning customers and employees
As Clément Domingo, ethical hacker, reports on his X page, Hunters threatens to disclose this information if the brand does not pay a ransom. Among them are sensitive data about customers and employees of the brand specializing in sports.
🚨🔴CYBERALERT🔴 | 🇫🇷Intersport victim of cyberattack by Hunters ransomware group.
52GB of sensitive data from the Intersport brand would be in the possession of cybercriminals.
We are talking about +25,000 files including customer and even employee data.
On their… pic.twitter.com/xfjFdKgrPd
— Mr. SaxX. (@_SaxX_) April 3, 2024
The cybercriminals gave the company 48 hours to pay, otherwise the 25,000 files will be released into the wild.
The recycling of a hack dating back to the end of 2022
However, it is possible that this threat is the recycling of a previous hack, which Intersport also thinks. At the end of 2022, a group called Hive stole sensitive data from the brand. The group was, however, dismantled a few days later, in January 2023, and therefore did not have time to claim responsibility for the attack.
Hunters would be the successor to the Hive group and the data would come from this hack dating from the end of 2022, as explained by Valéry Marchive, editor-in-chief of MagIT.
Speaking to BFMTV, Intersport’s communications director, Guillaume Payen, confirms the hypothesis: “We are analyzing, but this seems to be a recycling of a localized attack that occurred at the end of 2022 among one of our members. Attack for which we have taken the necessary steps and declarations with the CNIL. We, however, remain mobilized to shed light on this new demand”.