Advarra claimed to be compromised after SIM swapping attack | SC Media
Advarra claimed to be compromised after SIM swapping attack
SC Staff
U.S. medical trial solutions firm Advarra was claimed by threat actors affiliated with the ALPHV/BlackCat ransomware operation to have had more than 120GB of customer, patient, and employee data stolen following a successful SIM swapping attack against one of its executives, The Register reports.
Attackers threatened to leak the stolen data within 24 hours, but their claims of exfiltrating personal data, including names, birthdates, and Social Security numbers, as well as passport scans, have been removed from ALPHV/BlackCat's data leak site. Advarra confirmed that some employee accounts have been accessed as a result of a compromised phone number from a colleague but emphasized that none of its clients' or partners' systems have been impacted.
"Importantly, we have no evidence that the Advarra systems and products that clients use to interface with us were compromised or accessed. At this time, our business operations have not been disrupted as a result of this activity and we continue to operate as normal," said an Advarra spokesperson.
SC Staff
U.S. medical trial solutions firm Advarra was claimed by threat actors affiliated with the ALPHV/BlackCat ransomware operation to have had more than 120GB of customer, patient, and employee data stolen following a successful SIM swapping attack against one of its executives, The Register reports.
Attackers threatened to leak the stolen data within 24 hours, but their claims of exfiltrating personal data, including names, birthdates, and Social Security numbers, as well as passport scans, have been removed from ALPHV/BlackCat's data leak site. Advarra confirmed that some employee accounts have been accessed as a result of a compromised phone number from a colleague but emphasized that none of its clients' or partners' systems have been impacted.
"Importantly, we have no evidence that the Advarra systems and products that clients use to interface with us were compromised or accessed. At this time, our business operations have not been disrupted as a result of this activity and we continue to operate as normal," said an Advarra spokesperson.