Sangoma has uncovered a data breach after stealing files during a recent Conti ransomware attack.
Sangoma is a provider of "voice over IP hardware" and software for the popular FreePBX PBX open source telephone system that allows organizations to set up a low cost corporate telephone system in network their.
Yesterday, the Conti ransomware gang posted more than 26 GB of data on the ransomware leak site that was stolen by Sangoma during the recent attack on cyberspace. This leaked data includes files related to accounting, finance, acquisitions, benefits and salaries of workers and the legal documents of the company.
Today, Sangoma confirmed that the ransomware attack resulted in data breaches following the publication of online private and confidential company information and employees her.
Sangoma Technologies Corporation (TSXV: STC) (or "Sangoma") announced that as a result of a ransomware cyber attack on one of their servers of the company, were published online privately and confidentially yesterday data owned by the company, ”he said in an advisory.
In attacks against software developers, there is always the concern that their products have been modified to deliver malware in supply chain attacks, as has been the case with the recent cyber attack of Solarwinds.
"There is no initial indication that customer accounts have been compromised, nor that Sangoma products or services have been affected as a result of this violation. While the research continues and with great care, the company recommends to customers to change them passwords ", the company stated in the advisory.
The ransomware company behind this attack is known as Conti, which was first identified in individual attacks in late December 2019, with the attacks gradually increasing from June 2020.
This ransomware shares code with Ryuk Ransomware and is known to be distributed by trojan TrickBot.
Conti hackers released their own data leak site by posting them date twenty-six victims in August 2020 after operating as a private company Ransomware-as-a-Service (RaaS) which hires experienced hacker to develop ransomware in exchange for large percentages money by ransom that gathers.
Source of information: bleepingcomputer.com