The cybercriminal group known as RansomHouse claimed responsibility for a cyber attack on a Sabesp network, which they posted on their leaks website. According to the post, the attack would have occurred on October 17th. On the 22nd, the company published a note stating that he had suffered an attack of this type but without other details. Cybercriminals published a page displaying a directory tree with links to files that may belong to the company.
The documents on display are mostly spreadsheets and have names such as “employees and contractors – 11092024 ER”, or “Lista_directors_secretarias”, and even “Cost centers x percentages defined for directorates O and T”. According to a note from cyber criminals, more than 2,000 servers were encrypted.
Sabesp issued the following on the RansomHouse claiming:
“On behalf of our partners, we apologize for the inconvenience many people have had to endure due to the incident. But we also want to explain the situation a little more. Firstly, the stories that Sabesp representatives tell that they will restore their infrastructure are all lies. Our partners report that more than 2,000 servers have been disabled and there is no chance of them being restored without our help as the company does not have backups. If they had backed up this data, it would have been restored by now. Taking into account the level of professionalism of the IT team employed by the company and the third parties with whom the company has contracts, the restoration would take at least 6 months or perhaps even longer. As far as the company’s claims that no personal data was leaked, that is also not true. It just hasn’t come out yet. Furthermore, the company contacted us in the early days and we offered our help to solve the problem once and for all, but they decided that their money is more important than their customers and simple people. At the same time, we received information that they are taking a lot of money from the company for purposes that have little to do with solving people’s problems, if you know what I mean. With our help, the company’s infrastructure can be restored in 4-6 hours and everything can return to normal on the same day. The steps the company takes indicate that its management has no value for people and customers, the only thing it has value for is money and profit, unfortunately“.
Source: Ciso Advisor
