Above: Shiva Parasram.
Cybersecurity consultant Shiva Parasram emphathises with TSTT customers who have information included in the data dump exfiltrated by RansomEXX, but warns that there is little that an individual can do about it. He noted that the raw data dump has migrated from the dark web and is now being shared on download sites like Megafiles.
“Honestly, I don’t think there’s much anybody could do because you know, it’s your name, your address, your ID,” Parasram said.
“Unfortunately, I have seen things like passports, drivers permits, death certificates, screenshots of payments from or transfers to confirm payments, screenshots of banking information.”
“There’s a letter by a businessman requesting a service. It’s a scan of a signed letter. Has his business address, account info, contact and dp. Then there are photos of his DP and passport. The only thing missing is his shoe size and blood type.”
“I don’t think there’s much anyone can do. You can change your password, but you can’t really change user names you can’t get a new ID card number and you’d have to move to get a new address.”
“This is one of the reasons why it’s so damning and the fines are so high in in the countries that that have laws for data leaks and data retention.”
“If my stuff was out there, there’s nothing much I could do and that data will be out there for very long time. Even if you somehow managed to pay a company to try to scrub that data, some sort of broker who would talk to the ransomware group, to tell them, I’d like to get this person’s name removed but then , you’re playing with fire. And you’d be pouring gas on the fire at the same time by doing that.”



