Hackers have posted 42 gigabytes of data allegedly stolen from CEFCO Convenience Stores on a website known as Marketo.
Marketo the platform that holds all the stolen data is now accelerating things further and emailing the victim’s competitors for samples of stolen information and luring them to purchase the same.
Though the Marketo platform and the approach is new, the idea behind such activities are here for a long time, its all about pressurizing the victims to pay the ransom and achieve monetary benefits one way or the other.
The stolen data is sold for as low as $100 to tens of thousands of dollars, depending on the marketplace. The website shared that the stolen data includes “agreements, financial data, account lists, budget reports, NDAs and other interesting documents”.
“We identified suspicious activity on some of our computer systems and immediately engaged security experts to conduct a thorough investigation. That investigation is ongoing, but there is currently no evidence that any consumer payment card information was affected,” Reagan Francis, brand manager for CEFCO Convenience Stores, told CSP Daily News.
What is Marketo Data Theft Marketplace?
Last month, BleepingComputer reported that cybercriminals started to create dedicated data-theft extortion marketplaces that exist solely to sell stolen data.
Marketo is a leaked data marketplace launched on April 2021. Recently Marketo claimed to have breached a large, heavy machinery and defense technology company and began selling their stolen data.
The Marketo data theft marketplace is applying maximum pressure on victims by emailing their competitors and offering sample packs of the stolen data.
After we assume they could not find any buyers, Marketo started emailing the communication managers for the victim’s competitors to offer a “demo pack” of the stolen data.
“Hello, we are Marketo and we know you have a competitor. So we would like to inform you that we attacked them and downloaded quite a bit of data,” read the email shared with BleepingComputer.
The list of competitors that received this email includes multi-national billion-dollar companies whose names would be immediately recognizable to everyone.
Targeting victims’ competitors to pressure a ransom payment or even encourage other companies to purchase stolen data is not new.
Facts about ransomware and data leaks
This incident is a great reminder of these facts:
- Data breaches have a long shelf life. A scammer with data from a breach may have a password that you had previously used. This is why if you receive notice that your credentials have been breached, you must change your passwords immediately.
- Do not use the same password across multiple applications or web sites. A single data breach can expose you on multiple fronts.
- Be careful with the web sites you visit, especially on a work system. If you hold company data in your system, an attacker can access it via a malware attack launched from a rogue site.
- New permutations of this type of attack occur everyday. Consistent, relevant training and simulations are essential for preparing people with what they should do if they receive a phishing or ransom email
- Be prepared to face phishing, ransomware and scam attacks in both the workplace and at home. They can occur at any time. Engage with a Cybersecurity expert now!
