Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific
Egyptian E-Payment Vendor Recovering From LockBit Ransomware Attack
Fawry confirms addresses, phone numbers, and dates of birth, leaked online.
The LockBit 3.0 ransomware group successfully encrypted files and also allegedly exfiltrated data from Egyptian e-payment provider Fawry.
Word of the breach went public when LockBit published on its dedicated leak site on Nov. 8 a sample of data that was allegedly stolen during the breach of Fawry’s infrastructure. The following day, cybersecurity monitoring platform Hackmanac claimed that the LockBit 3.0 ransomware attack had extracted the personal details of Fawry customers, leading to multiple banks advising customers to remove their account information from Fawry's platform.
Hit Files and Data
In a statement this week about the attack, Fawry said: "Fawry remains confident that this data will not impact financial transactions on its platform, but the company believes it may have included the personal details of some customers whose information had been on the testing platform as part of a system migration project." It also confirmed that some of the leaked details include addresses, phone numbers, and dates of birth.
Group-IB was called in to investigate the incident on Nov. 9, and over three days, it deployed "proprietary advanced cybersecurity solutions across 100% of Fawry’s server infrastructure," declaring the production and testing environments to be "clean as of Nov. 23 of LockBit presence."
Anurag Gurtu, CPO and co-founder of StrikeReady, says the Fawry cyberattack is notable for several reasons, including that the breach occurred in an isolated part of Fawry's network.
He describes Fawry’s response to the breach as "proactive" given that it employed a cybersecurity firm to investigate the attack. Gurtu recommends that other financial services entities consider the impact of this incident, and for them to take "precautionary measures to protect against potential data misuse."
However, Sumatra Sarkar, associate professor at the School of Management at Binghamton State University of New York, criticized Group-IB and Fawry for the "limited information" released, making it "challenging to assess the adequacy of the response to the incident."
Read more about:
DR Global Middle East & AfricaAbout the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024