Hackers have released a large amount of data stolen from US network infrastructure giant CommScope, including the social security numbers and bank account details of thousands of employees.
The North Carolina-based company, which designs and manufactures network infrastructure products for a variety of customers, including hospitals, schools, and US federal agencieswas listed on the dark web leak site of the Vice Society ransomware gang.
The list includes a link to the company’s stolen data. Ransomware gangs often release stolen data when efforts to secure a ransom demand fail.
TechCrunch reviewed portions of the data, including internal documents, invoices, and technical drawings. The treasury also contains personal data on thousands of CommScope employees, including full names, mailing addresses, email addresses, personal numbers, social security numbers, and bank account information. Another folder among the leaked data includes employee passport scans and visa documentation.
The hackers appeared to gain deep access into the company’s network, extracting backup copies of data belonging to its MyCommScope customer portal and its internal intranet. Some of the data was not encrypted and appeared to include email addresses of CommScope customers and employees.
It’s unclear exactly how many employees have been affected. CommScope employs more than 30,000 people around the world.
CommScope spokeswoman Cheryl Przychodni confirmed to TechCrunch that the company detected “unauthorized access to a portion of our IT infrastructure that we determined was the result of a ransomware incident” on March 27.
“Following the discovery, we immediately launched a forensic investigation with the help of a leading cybersecurity company and reported the matter to law enforcement,” Przychodni said, adding that the company is investigating claims by the Vice Society that it has posted company network information.
“We are working with our outside experts to validate those claims and understand the nature of the information in question as a top priority,” he said. “We are conducting a thorough review of any affected data as quickly as possible.”
CommScope declined to answer our questions regarding the leaked employee data, and it’s unclear whether the company notified affected employees.
Przychodni added that CommScope has seen no evidence that customer information was accessed during the breach, but declined to say whether the company has the means, such as server logs, to determine what data was taken from its systems.
CommScope also declined to say how its systems were compromised or if it received any communication from the Vice Society hackers.
The Vice Society ransomware gang first made headlines in 2022 during a series of cyberattacks targeting the healthcare and education sectors. One of the biggest breaches hackers have seen posted a treasure trove of 500GB of stolen sensitive data from the Los Angeles Unified School District (LAUSD), which included psychological evaluations and other highly personal information on students.
The gang recently turned its attention to the manufacturing sector, according to the cybersecurity firm. micro trendwhich said that Vice Society will likely continue to be a “major player” in the ransomware landscape.
Do you work at CommScope? Do you know more about data breach? You can reach Carly Page securely on Signal at +441536 853968, or by email. You can also contact Zack Whittaker at Signal at +1 646-755-8849 or zack.whittaker@techcrunch.com. You can also share files and documents with TechCrunch through our SecureDrop.