- How the web’s foundational tech is evolving in the era of remote work
- ITDM 2025 전망 | “불경기 시대 속 콘텐츠 산업··· 기술이 돌파구를 마련하다” CJ ENM 조성철 엔터부문 CIO
- 50억 달러 피해에서 700명 해고까지··· 2024년 주요 IT 재난 8선
- Network problems delay flights at two oneworld Alliance airlines
- Leveraging Avaya Experience Platform to accelerate your digital banking transformation
Yellow Pages Canada Hit by Cyber-Attack, Black Basta Claims Credit
The Yellow Pages Canada company has confirmed to Infosecurity that it has been the victim of a cyber-attack.
“As soon as we became aware of the attack, we immediately commenced a thorough investigation into this issue with the assistance of external cybersecurity experts to contain the incident and ensure that we had secured our systems,” senior vice president and chief financial officer, Franco Sciannamblo, told Infosecurity in an email.
The breach reportedly affected some employee and business customer data, though the company did not specify what type of data in particular.
“Based on our investigation to date, we have reason to believe that the unauthorized third party stole certain personal information from servers containing YP employee data and limited data relating to our business customers,” Sciannamblo said.
“We have been notifying impacted individuals and reporting to all appropriate privacy regulatory authorities regarding this incident.”
Yellow Pages did not provide further information about the attack. However, the infamous threat group known as Black Basta has claimed responsibility for it, saying it involved ransomware and the publication of some data over the weekend, according to cybersecurity analyst and security researcher Dominic Alvieri.
Read more on Black Basta here: Black Basta Deploys PlugX Malware in USB Devices With New Technique
Sciannamblo added that all of the company’s services are now back online. Still, according to Chris Hauk, consumer privacy advocate at Pixel Privacy, it is unclear how long the information has been exposed.
“Yellow Pages Canada customers will want to stay alert for any bad guys looking to let their fingers walk through any additional information they can glean from them with email, text, or phone phishing attempts.”
Echoing Hauk’s point, Rebecca Moody, head of data research at Comparitech, explained that ransomware groups tend to give organizations a certain period to pay a ransom before publishing any data.
“This suggests that Yellow Pages Canada has only confirmed the ransomware attack due to Black Basta making its claim and publishing data on its hacking forum. This is, unfortunately, a growing trend. Businesses only tend to disclose these attacks if systems are taken down and/or data is published.”
The attack on Yellow Pages Canada is only the latest in a list of ransomware-related breaches that are evolving throughout 2023.