MaxLinear Suffers a Data Breach During a Maze Ransomware Attack

MaxLinear Data Breach Maze Ransomware

Traditionally, ransomware attacks tend to be rather noisy. While distributors of keyloggers and password stealers want to remain as stealthy as possible, ransomware operators often tend to tell the victim just how much trouble they've caused, and they usually do it shortly after they've broken in. As a recent attack against a hardware company by the name of MaxLinear shows, however, times are changing, and so are ransomware operations.

The IT systems of the publicly-traded company were first breached around April 15. For more than a month, the hackers remained silent, which was unusual, but on May 24, they deployed the Maze ransomware and encrypted some of MaxLinear's data. Yesterday, the hardware manufacturer filed an 8-K form with the Securities and Exchange Commission (SEC) and shed some more light on the attack.

MaxLinear says that it will pull through

After realizing what's going on, MaxLinear immediately pulled its entire infrastructure offline and hired a cybersecurity company to help with the investigation. Apparently, the security experts have more work to do before they can say what happened exactly, but according to the filing, some of the systems have already been restored, and the rest should follow suit soon. Obviously, recovering from the incident will cost money, but MaxLinear believes that the effects on its financial statement won't be that serious. Crucially, the company announced that it has "no plans" to comply with the cybercriminals' demands.

When large corporations are attacked, the ransom demands are pretty serious, and by refusing to pay the ransom, MaxLinear will likely save hundreds of thousands of dollars. We're sure the shareholders are pretty pleased about this, but under normal circumstances, there is another, more important aspect to not yielding to the hackers' extortion attempts. It usually means that the whole attack was a waste of time for the cybercriminals. Unfortunately, when the Maze ransomware is involved, this is not quite the case.

MaxLinear employee data was stolen

The hackers didn't sit idle between April 15 and May 24. Whilst inside MaxLinear's systems, they found and downloaded quite a lot of data, and they are now using it as a leverage for a second extortion attempt. Having seen that the company won't pay for the decryption of the files, the cybercriminals are now threatening to leak the information if the company doesn't play by their rules.

The threats started materializing on June 15. Bleeping Computer says that the Maze ransomware operators leaked about 10 GB worth of data through their website. The cybercriminals claim, however, that in total, they've stolen around 1TB of information, and they can either leak it or sell it whenever they want. This is bad news for MaxLinear employees because, unfortunately, it's their information we're talking about.

On June 10, several days before publishing the SEC filing, MaxLinear filed a data breach notification with California's Attorney General Office. The same notification has also been sent to some of the company's employees, and it informs them that a lot of their personal details were exposed during the Maze ransomware attack.

The letter doesn't say how many people were involved, but it does reveal what sort of data got stolen. The hackers accessed anything from names, email addresses, compensation and benefits information to driver's license numbers, Social Security numbers, and financial account numbers. Affected employees are eligible for credit monitoring and identity theft protection services paid for by the company, and we're pretty sure that many of them will take advantage of the offer. Even so, this will hardly be a pleasant experience for them.

Stealing data before encrypting it is a relatively new and a very sinister twist in the operation of a few major ransomware families, and because of it, the risk for companies is effectively two-fold. Up until now, the remediation process relied on nothing more than a good backup. Data exposure is irreversible, though, which means that potential targets need to be more careful than ever.

By Duran
June 17, 2020
Ransomware
English
June 17, 2020
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Ransomware

Pitney Bowes Suffers a Data Breach After Another Ransomware Attack

On October 14, 2019, mailing equipment manufacturer Pitney Bowes announced that it had become the latest in a long line of victims of the Ryuk ransomware. As TechCrunch noted at the time, Pitney Bowes is a massive... Read more

May 14, 2020
Ransomware

LabCorp Data Breach Fears Were Unfounded. It Was a Ransomware Attack

Laboratory Corporation of America Holdings or LabCorp has 60 thousand employees worldwide, helps with clinical trials in close to 100 countries, and processes around 2.5 million lab tests every week. This means that... Read more

July 20, 2018
Tips

What Is an SQL Injection Attack and How Does It Lead to a Data Breach

Data security is a big problem right now. We all know that information faces a number of threats when it's online, but we rarely think about the reasons for this. In theory, things shouldn't be so bad. Everybody knows... Read more

November 13, 2018
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.