Hack At Anodot Leaves Over A Dozen Breached Companies Facing Extortion

Hackers person reportedly stolen information from astatine slightest a twelve companies pursuing a breach astatine business monitoring package shaper Anodot, leaving its customers exposed to extortion and astatine consequence of having their information published online.

Bleeping Computer, among nan first to report nan Anodot breach, and BBC News some reported that nan ShinyHunters hacking group was threatening to merchandise nan stolen information if its ransom demands were not met.

The breach is nan latest illustration of hackers targeting package utilized by firm giants successful an effort to bargain delicate information from aggregate companies successful 1 go. 

Anodot, which helps its firm customers observe outages and different issues that mightiness impact their expertise to make revenue, said on its position page that nan incident began connected April 4, erstwhile nan company’s information connectors stopped working, preventing its customers from accessing their cloud-stored data.

According to nan reports, nan hackers collapsed into Anodot and stole authentication tokens that its customers usage to summation entree to their information successful nan cloud. Using those tokens, nan hackers stole reams of customer information from nan unreality storage. 

One unreality retention provider, Snowflake, trim disconnected Anodot customers from their unreality information aft detecting “unusual activity” successful immoderate information stores, said Bleeping Computer.

One of nan affected companies is said to beryllium Rockstar Games, nan shaper of nan Grand Theft Auto and Max Payne video games, per gaming news outlet Kotaku.

“We tin corroborate that a constricted magnitude of non-material institution accusation was accessed successful relationship pinch a third-party information breach. This incident has nary effect connected our statement aliases our players,” Rockstar spokesperson Murphy Siegel told TechCrunch successful an emailed statement.

Rockstar Games was besides breached successful 2022, erstwhile hackers stole and published an early trailer for nan company’s upcoming flagship game, Grand Theft Auto VI.

Snowflake did not respond to TechCrunch’s petition for remark connected Monday. Glassbox, which owns Anodot, besides did not respond to a petition for comment. 

ShinyHunters are a group of mostly English-speaking hackers known for stealing information and extorting their victims. The hackers are known for their societal engineering skills, specified arsenic impersonating IT thief table and support unit to instrumentality labor astatine ample companies into granting them entree to accounts aliases systems connected nan company’s network.

The group targets companies that shop ample amounts of information successful unreality storage. In nan past year, ShinyHunters has focused connected companies for illustration Anodot, Gainsight and Salesloft, which let their customers to entree and analyse ample datasets successful their unreality storage, successful an effort to bargain passwords and tokens. In immoderate cases, nan stolen information has contained tokens that allowed nan hackers to subsequently breach different companies.