The Dumpforums hacking group, which had previously announced a successful attack on the First Bit company (1cbit[.]ru), began publicly publishing data allegedly stolen from the company this week. The hackers claimed to have stolen 24TB of information from the company and demanded a ransom of 5 BTC.
In its Telegram channel, the group reported that it had obtained “an incredible amount of information on the public sector, critical infrastructure and much more” after spending more than a month on the company’s network. The hackers provided screenshots of the allegedly stolen data to support their statements.
The attackers gave First Bit until April 28, 2023 to pay a ransom of 5 BTC (approximately $149,000 at the current exchange rate), and warned that they would start publishing the stolen data in the public domain if the ransom was not paid. They also threatened to take “more serious measures” if the ransom was not paid.
Data Leakage & Breach Intelligence (DLBI) experts have now reported that the hackers kept their promise and began publishing information allegedly stolen from the company on April 28, 2023. So far, the dumps obtained from the Bitrix CMS have been made public, including data from the online software store soft.1cbit.ru (data relevant as of 04/22/2023), web studio studiobit.ru (data relevant as of 11/01/2019), information and entertainment portal for an accountant forum.1cbit.ru (data relevant as of 11/01/2019), and systems for counting visitors to shopping centers 1bit-count.ru (data current as of 11/01/2019).
The researchers have noted that all dumps contain names, email addresses (approximately 89,000 unique addresses), phone numbers (approximately 250,000 unique numbers), hashed passwords, logins, registration dates, and more.
According to the Telegram channel Data1eaks, the 1cbit.ru file contains data from 12,000 users, the abt.ru file contains data about webinar clients and support requests, as well as correspondence with support, the kkm.ru file contains data on register data rants and appeals to support, and correspondence with support, and the lid.1cbit.ru file contains data on calls and telephone activity from 131,705 telephone numbers.
Earlier, representatives of the company confirmed that a hacker attack on the “First Bit” had taken place, but did not confirm the data leak.
