Hackers have claimed to have breached the infrastructure of Sberbank’s digital risk management subsidiary BI.ZONE. Representatives of the company have assured that only a virtual machine on external hosting was affected and no customer data is at risk.
Data Leakage & Breach Intelligence (DLBI) experts have stated, based on the information published by the hackers, that they managed to gain access to the database of the bi.zone website running under the Bitrix CMS. The dump contains data of registered users (names, hashed passwords, email addresses) and leads (names, phone numbers, email addresses, places of work).
In their Telegram channel, the researchers wrote, “We were provided with several SQL dumps for analysis, from which it is clear that hackers probably gained access to the data of several sites (some of which are currently inaccessible): cyberpolygon.com, bi.zone, cyberacademy.bi.zone, touch.bi.zone, aftt.bi.zone. All dumps date back to April of this year and, in addition to real data, they contain many test records.”
The press service of BI.ZONE reported that the screenshots published by the hackers are “a virtual machine on an external hosting hosting the web pages of our conference sites.” It was emphasized that this virtual machine is not connected to the company’s infrastructure and no customer data is at risk.
The incident is currently being investigated.
