The popular payment provider Ingo Money suffered a ransomware attack last week, but the consequences of the incident are yet unknown.
Cybernews claims that the company ended up on the data leak site belonging to Inc Ransom. Ingo Money is a company that provides payment services to both customers and businesses, and has more than a million downloads on the Google Play Store, alone.
It's staying silent on the matter and not responding to media inquiries, so additional information is thin on the ground, but we're hoping the company will come out soon to explain exactly how the incident happened, what type of data the attackers accessed, and how much they’re asking for in ransom.
Data in focus
Ingo Money, established in 2001,boasts ties with Goldman Sachs, Paypal, Geico, American Express, and other financial behemoths.
Inc Ransomware, on the other hand, is a relatively new entrant in the ransomware gang game but has quickly made a name for itself, reporting successful breaches of more than 35 organizations in the past 12 months alone.
Some of its victims include Yamaha Motor Philippines, a subsidiary of the Japanese powerhouse manufacturer. Roughly a week ago, the company reported that in late October, a threat actor compromised one of its servers and stole some sensitive data. In the meantime, Inc Ransom added Yamaha Motor Philippines to its data leak site, claiming to have taken 37GB of data. Some of the data, the media said at the time, included employee ID information, backup files, as well as corporate and sales information.
Today’s ransomware operators focus more on data exfiltration and less on endpoint and system encryption. While encrypting all files is highly disruptive and prevents the victim from functioning normally, stealing data is potentially more devastating as leaks might lead to regulatory fines, class-action lawsuits, loss of business, and more.