The Canadian directory publisher, Yellow Pages Group, has confirmed to BleepingComputer that it has been targeted in a cyberattack.
The Black Basta malware and extortion gang has exposed private information and files over the weekend and has taken credit for the attack.
Having been established in 1908, the Yellow Pages Group currently owns and runs the YP.ca and YellowPages.ca websites, as well as the Canada411 online service.
Customers’ and employees’ data was stolen by threat actors.
Although it’s true that directory services like Yellow Pages primarily gather and present public data, that doesn’t mean they don’t also have access to private corporate or personal data.
During the previous week, cybercriminal group Black Basta, which specializes in ransomware attacks, was discovered by threat intelligence researcher Dominic Alvieri to be disclosing information about YP on their data breach website.
Franco Sciannamblo made an announcement to BleepingComputer in which he confirmed that Yellow Pages Group had recently been the victim of a cyberattack.
It appears that the cyber assault took place on or after March 15th, 2023, based on the dates found on the few released papers that BleepingComputer was able to view, notably the most recent ones.
Black Basta is suspected of being responsible for a cyberattack on Capita, which was reported earlier this month. The group has threatened to sell the stolen data to potential buyers if the ransom isn’t paid.
Sobeys suffered from IT difficulties and broken Point-of-Sale (POS) machines last year due to a hack perpetrated by Black Basta.
Black Basta has demonstrated extraordinary speed and efficiency in the past year, often revealing a multitude of high-profile victims at the same time on their data leak page. According to security experts, the group’s negotiating tactics suggest that they may be a rebranded version of the Conti ransomware gang.