The Maze ransomware operators have been on their toes for a continuous period and targeting multiple big companies on a regular period. In this instance, they breached HLB Belgium, one of the well-known global accounting and audit firms.
HLB Belgium was been established in the year 1969. HLB is a global network of independent advisory and accounting firms. They have a history of innovation, collaboration, and are dedicated to helping clients grow across borders. Through the power of 27,485 professionals across 153 countries, they combine local expertise and global capabilities to service their customer’s needs. Their members are locally established with deep roots in their local communities yet are closely connected with professionals from across the world, and support their clients as they grow nationally, regionally, and globally, ensuring a consistent high-quality client experience and personalized service wherever you operate. As per their global annual review 2019, their network grew by 7% and launched their new strategy. Besides that, it earned around 2.93 billion USD as its network revenue in the year 2019.
Based on the information leaked, it appears the negotiation between the ransomware operators and HLB Belgium failed, which lead to this leak. As per the current data leak, it appears that if the company does not comply with the terms of the ransomware operators then more data leak would be published online.
Below is the message been posted by Maze ransomware operators on their website-:
The Cyble Research Team has verified and reported this data leak. The data leak includes financial and legal documents and data of the company such as reconciliation of the company’s customer’s accounts, court appeals documents, the company’s client’s confidential documents, and many more. Below are the snapshots of a few of the sensitive leaked files from the large lot.
Reconciliation of Customer’s Accounts
Client’s Sales Credit Memo
Legal Court of Appeal Document
About Cyble:
Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.
Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web, and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.