Attackers managed to compromise a tobacco web platform in Romania. The British American Tobacco (BAT) is one of the most gigantic manufacturers of nicotine and tobacco products. It seems that everything happened due to a ransomware attack and data breach.
The data breach appeared at first on an Irish “unsecured Elastisearch server”. This stored around 352 GB of data. It seems that the hackers had managed to breach the data’s location.
The attackers used a ransom request in the form of a “readme” file wherein they had demanded a “Bitcoin payment”. The users should have paid in order to avoid their user data being deleted.
According to some sources, the cyber-researchers had discovered the data breach on a “server connected to the web platform YOUniverse.ro”. This is part of the Romanian promotional campaign for BAT.
The compromised data includes users’ “Personally Identifiable Information” (PII). Thus, the attackers stole name, gender, email address, phone number, date of birth, source IP and cigarette product preference. The platform aided Romanian smokers to win tickets to events and parties with local and international performing stars. According to specialists, it seems that the database remained unprotected for the last two months. This happened although the team tried a few times to solve the breach. Eventually, the specialists managed to stop the data breach, on November 27 2019.
The research team has been after the company’s local branch, the global company, the server’s host, Romania’s National Authority for Consumer Protection (ANPC) and the Certification Authority (CA) for some clarification. Still, the CA was the only organisation to came back to the team. Still, the journalists who follow the case of the tobacco web platform could not obtain any answer from the authorities.
Tobacco companies have to face a tough law in Romanian law. They have no right to advertise their products on TV or radio. Still, the law exempts certain sorts of promotional campaigns and event sponsorship. These are allowed if aimed at existing smokers over 18 years of age.
Got some time off from your work or studies to play Minecraft, but an annoying…
Despite being a discontinued model, the Brother MFC-L2700DW is still a user-favorite monochrome multi-function laser…
Imagine that you power on your computer, excited to play a game, watch a movie,…
If you wish to download and update the USB Joystick driver for Windows 10/11, you…
Broadcom is one of the leading manufacturers of semiconductor and semiconductor-based solutions for networking connectivity,…
This guide lists and explains some of the most trusted and easiest methods to execute…