[MART] - Daily Diary #366 - Pacific City Bank Breached by AvosLocker

CTAS-MAT ctas-mat at appgate.com
Mon Oct 11 20:14:32 UTC 2021


Hello,

I hope everyone is doing well!

Below is the entry for today.

10/11/2021 - Diary entry #366:


Pacific City Bank (PCB), an American bank based in California, focused on the Korean-American community, identified unusual activity on its network on August 30, 2021. Later on September 7, internal investigations concluded that an external actor had illegally obtained data from its network as part of a Ransomware attack operation.


The Ransomware gang behind this attack is the AvosLocker. Our team monitors AvosLocker's wall-of-shame website, where they claim: "All data is FOR SALE. Contact us with your offers. We only sell data to third parties if the owner of said data refuses to pay". They have so far 24 victims since its first victim publication on July 13, and in some cases, they leaked all the data. The Pacific City Bank breach was added in their wall-of-shame on September 4, containing screenshots and a sample claiming that they were breached.


Recently, the Pacific City Bank started to notify its clients about the breach, without naming the Ransomware group. The notification document discloses that the threat actors obtained some information from its systems that may vary by individual, but some common information are the following: name, address, Social Security Number, wage and/or tax information.


PCB said that they reported the incident to the law enforcement authorities and that they are reviewing their security policies and procedures to protect against this type of incident in the future.

Kind Regards,

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>



Felipe Tarijon de Almeida
Malware Analyst
Appgate

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>
O: +55 11 97467 9549

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/mart/attachments/20211011/f85e763f/attachment.htm>


More information about the MART mailing list