Trending

ee-track">
Link copied!

Sensitive Data of Multiple Organisations Been Leaked by the PYSA/Mespinoza Ransomware Operators

As a part of regular darkweb and deep web monitoring, the Cyble Research Team came across several data leaks of well-established organisations been posted by a trending group of ransomware operators named PYSA/Mespinoza. In this…

June 4, 2020 · 2 min read

As a part of regular darkweb and deep web monitoring, the Cyble Research Team came across several data leaks of well-established organisations been posted by a trending group of ransomware operators named PYSA/Mespinoza.

In this instance, our researchers identified and verified data leak of multiple organisations such as Diamond Box, Allard-Europe, Matthews, Fincamex, St Andrew’s College, Liberty Linehaul, and several others. All these organisations are known for their service, for instance, Matthews Australasia is the Australian leader in intelligent product identification, product inspection, and software traceability solutions. Similar to it, Allard-Europe one of the well-known casting steel and iron firms based in Belgium.

Below are snapshots of multiple organisations which are been targeted by PYSA ransomware operators.

Screen Shot 2020 06 04 at 3.33.54 am
Screen Shot 2020 06 04 at 3.34.06 am
Screen Shot 2020 06 04 at 3.34.13 am
Screen Shot 2020 06 04 at 3.36.09 am

Our researchers found this data leak to be interesting, and to keep people informed about the on-going data leaks which could help companies and people to take measures in order to keep their data secured. Below are few snapshots of the massive data leak being published by PYSA ransomware operators.

Screen Shot 2020 06 04 at 4.03.48 am
Payroll of Allard-Europe Company
Screen Shot 2020 06 04 at 4.06.48 am
A Policy Cover of Dimond Box Ltd
Screen Shot 2020 06 04 at 4.13.50 am
Credit Card Details of Users
Screen Shot 2020 06 04 at 4.18.25 am

We recommend people to:

  • Never share personal information, including financial information over the phone, email or SMSs
  • Use strong passwords and enforce multi-factor authentication where possible
  • Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
  • Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
  • Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
  • People who are concerned about their exposure in darkweb can register at AmiBreached.com to ascertain their exposure.

About Cyble:

Cyble is a US-based cyber threat intelligence company with the express mission to provide organizations with real-time views of their supply chain cyber threats and risks

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams