Russian hackers exfiltrated data from from Capita over a week before outage

Kevin Beaumont writes:

Capita have finally admitted a data breach, but still do not think they need to disclose key details of the incident to customers, regulators, impacted parties and investors. So in this piece we shall dig into the details using open source intelligence, and prove Capita was penetrated by Black Basta ransomware group using Qakbot phishing to deliver hands on keyboard access for weeks — and question if the playbooks organisations are using to handle ransomware groups are fit for purpose in 2023.

Read more at DoublePulsar.

About the author: Dissent

Comments are closed.