More than 200,000 messages from high-profile ransomware group Black Basta have leaked online.
The leak of more than a year of communications, as Ars Technica reported Friday (Feb. 21) exposes the group’s tactics, as well as an internal rift among its members.
According to the report, researchers say the leak comes in the form of messages members sent to each other via the Matrix chat platform from September 2023 to September 2024.
The leaker said the move was revenge for Black Basta targeting Russian banks, though it’s not clear if the person responsible was an insider or someone outside the group who managed to get access to Black Basta’s communications, the report added.
The FBI and Cybersecurity and Infrastructure Security Agency said last year that Black Basta had targeted 12 of America’s 16 critical infrastructure sectors in attacks on 500 organizations around the world. One of these attacks was on Ascension, a St. Louis-based health care system with 140 hospitals across 19 states.
“Black Basta’s internal chats just got exposed, proving once again that cybercriminals are their own worst enemies,” a member of security firm Prodaft wrote Thursday, per the Ars Technica report. “Keep burning our intelligence sources, we don’t mind.”
The report added that researchers say the leaks expose internal strife within the ransomware group, which has worsened since one of its leaders was arrested, as this raises the threat of other members being apprehended.
In other cybercrime news, PYMNTS wrote recently about the digital security landscape in light of reports that the massive breach on Change Healthcare had impacted 190 million people.
“With businesses increasingly digitized, the stakes for protecting customer data have never been higher,” that report said.
Research by PYMNTS Intelligence — from the report “The AI MonitorEdge Report: COOs Leverage GenAI to Reduce Data Security Losses” — shows that the percentage of chief operating officers (COOs) who say their companies have adopted artificial intelligence (AI)-powered automated cybersecurity management systems tripled.
That figure had reached 55% in August 2024, climbing from about 17% last May. Each of the COOs surveyed came from a company that generates more than $1 billion in annual revenue.
“Complicating the landscape is ongoing uncertainty around whether data encryption should cover data at rest, in transit or even in use,” PYMNTS wrote. “This potentially leaves room for organizations to claim they’re compliant even while using what may be described as outdated or insufficient encryption protocols relative to contemporary AI-powered solutions.”
