In the recent cyber attack on CloudFire, a total of 9 Italian companies have fallen victim to the theft of approximately 400GB of data. The attack, claimed by the ransomware group Medusa on January 25th, exposed sensitive information, including personal identification documents, notarial deeds, sales contracts, financial and administrative documents, budgets, employment contracts, and payrolls.
CloudFire, a Cloud Service Provider (CSP) based in Reggio nell’Emilia, specializes in offering cloud computing services such as servers, storage, databases, networking, and software. The affected companies operate in diverse sectors, including vehicle sales, web marketing, legal services, occupational health and safety consultancy, food, travel agencies, and telecommunications services.
The Medusa group, responsible for the attack, has published proof data consisting of 30 files, with many containing copies of victims’ identity documents. Notably, an alarming aspect of the breach is the inclusion of a ransom note on the Medusa website, specifying a demand of $100,000 in bitcoin for the deletion or download of the stolen data.
Despite attempts to seek information from Medusa and CloudFire regarding negotiations, it has been reported that no negotiators from CloudFire had contacted Medusa at the time of inquiry. Additionally, efforts to obtain comments from CloudFire directly through email have, as of now, yielded no responses. This data breach underscores the critical need for robust cybersecurity measures and serves as a stark reminder of the potential risks and financial repercussions that companies may face in the aftermath of such security incidents.
SuspectFile will update the article in case of new items