An excerpt from the screenshot of the RansomEXX data dump page shared by Gavin Dennis
Jamaican cybersecurity researcher Gavin Dennis has noted on his LinkedIn profile today that the RansomEXX group had hacked the Digicel Group in 2021 and posted 164GB of data data exfiltrated from the company.
The Jamaican cybersecurity community discovered the data dump and noted that more than 160,000 files were released. The hackers claim that the company files cover areas including Finance and Accounts Department (Receivables, Payables, Reports), Human Resources, ICT (Configuration files for some systems), data on subsidiaries (e.g. Trend Media), sales, marketing, data on internal projects, agreements with third-parties and analysis on competitors.
The data dump has been viewed 940,000 times since it was posted.
Abraham Smith, DigicelTT CEO, explained that, “Digicel Trinidad and Tobago’s data was not exposed or impacted by the data exposure you are referring to.”
A request for further background on the data breach has been sent to the Digicel Group.
Update (November 06, 2023): On November 21, 2021 the Digicel Group posted a note on its website noting the breach.
In that statement, the company noted that, “Unfortunately, some personal information pertaining to some of our Digicel Barbados customers was accessed. This included names, addresses, phone numbers and, in a few cases, some billing information. In the interests of full compliance and transparency, we have notified the relevant regulatory authorities and are now notifying affected customers about the impact to them.”
[…] TSTT attack, and security consultants were cautioning that RansomEXX could strike again, Lyndersay recalled that regional telecommunications provider Digicel had been hacked by RansomEXX two years […]