Comments
Around 500,000 records of Pine Labs including confidential client agreements, employee data, financial reports, and other internal documents were allegedly hacked by BlackMatter Ransomware Group according to Cyble Research Labs. Screenshots of the data leaked were shared on Cyble’s website on August 11.
Pine Labs, however, denied the claims.
Pine Labs is a B2B fintech solutions company working with various financial institutions and merchants.
BlackMatter Ransomware’s post showed 100GB of data was accessed, of which 500 MB worth of data had been shared as a sample.
The leaked data
The data leaked included service and private agreements, and invoices of Pine Labs with various financial institutions and Indian banks. Names, departments and email ids of several Pine Labs employees, too, were leaked. BusinessLine reviewed parts of the sample data.
“The attack came into the limelight after the BlackMatter ransomware group updated its victim list on its leak website on August 10, 2021. The impact of this attack is significant, as initial investigations indicate that the incident has affected multiple financial institutions using Pine Labs services across India,” Cyble wrote.
Sanjeev Kumar, Chief Technology Officer, Pine Labs, called the data leak baseless. “This is baseless. Pine Labs continues to be one of the most secure and compliant PCI-DSS platform. We can confidently state that our systems continue to be fully secure and our production systems continue to operate as usual and all customer data is safe,” he told BusinessLine.
Loophole
Sunny Nehra, admin of the cybersecurity firm Hacks and Security, told BusinessLine that while the data sets prove the breach took place at Pine Labs’ end, there’s always a possibility that the loophole in the network came from one of the client’s system or even employees.
“Systems of employees of Pine Labs could be an easy target for a ransomware attack. But I would like to believe that the company didn’t share such confidential business agreements with the employees. In all probability, Pine Labs’ system was attacked and they would need to do a thorough survey,” Nehra added.
BlackMatter Ransomware Group became active recently, in the past one to three weeks, Karmesh Gupta, co-founder and CEO, WiJungle, a cybersecurity company, told BusinessLine.
“Most of the breaches in the past were done by REvil and DarkSide ransomware groups, which went low lately. That’s when BlackMatter surfaced, mostly likely founded by the members of the previous groups,” Gupta said.
“BlackMatter has been majorly focusing on financial institutions, especially those using English as a common language for work,” he added. HHCP, a US-based construction company, and Huck Bouma PC, a Legal Services Company in US, have been targets too, Gupta revealed.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.