In this weekly digest, we are observing two security incidents. In Brazil, criminals convinced an individual to sell his credentials, which allowed them to steal $140 million. Ingram Micro fell victim to a cyberattack. The company faces up to $136 million in daily revenue loss, while clients suffer from supply chain disruptions.
A large security incident happened in Brazil last week. The breach of C&M, a Brazilian technology service provider, affected several banks and fin-tech companies connected to the PIX system. As a result of the attack, criminals got access to the internal systems of six organizations. The exact amount of funds stolen is still unknown, but preliminary estimates range from $40 million to $140 million.
C&M provides services to around two dozen financial organizations. The breach didn’t affect clients’ accounts or internal balances. Criminals got access to companies’ reserve accounts, which were used only for interbank settlement and operations in PIX, Brazil’s instant payment system. They converted the stolen funds into various cryptocurrencies and transferred them to different wallets.
Brazilian police have detained a suspect in connection with a recent security breach. According to officials, the breach was the result of an insider attack. Earlier this year, criminals approached a C&M employee when he was leaving a bar and convinced him to sell credentials and launch a malicious code for $2,700. As a result, adversaries gained direct access to a software platform that controls reserve accounts.
Police are currently trying to track down and freeze stolen assets. To date, authorities have successfully blocked $50 million. Brazil’s Central Bank suspended part of C&M’s operations to reduce the risk of following attacks.
Another security incident affected Ingram Micro, one of the largest IT distributors in the world. Ingram plays a crucial role in supporting regional technology infrastructure in the Middle East and Africa, providing a range of business-to-business solutions, including hardware, software, cloud services, and other services for many regional companies and providers.
The company officially confirmed the incident after a brief delay, as several internal systems and their site were offline. The breach could have a significant impact, as it already disrupted order processing, shipping confirmations, and customer communications.
Criminals could take advantage of the access to Ingram's systems to target downstream customers. These companies usually maintain strong connections to the IT systems of distributors, making them vulnerable to supply chain attacks.
The breach could impact the business processes of numerous companies, particularly in the UAE, Saudi Arabia, and African countries, since Ingram provides services and solutions to government agencies and leading regional companies.
Preliminary information suggests that no customer or partner data has been exposed. However, the investigation is still ongoing. Representatives from Ingram Micro have stated that they are working diligently to restore affected systems and resume order processing.
The breach occurred during a critical time for the company, near the end of the second fiscal quarter. Analysts estimate that Ingram may face daily revenue losses of up to $136 million as a result of the incident.
Attacks like the C&M incident are particularly difficult to detect, as they involve the human element. Criminals target the employees of third-party companies or service providers to gain unauthorized access to internal systems and bypass security measures. Recently, a Coinbase contractor was bribed to leak sensitive data. This time, the criminals obtained credentials to conduct a supply chain attack.
To prevent such incidents, we suggest exploring advanced information security solutions, such as the Next-Gen DLP system, Risk Monitor. It combines data leak prevention capabilities with complex mitigation of human risks, providing 360-degree protection against internal threats, including accidental mistakes, malicious actions, and various forms of corporate fraud. Risk Monitor's AI-powered capabilities enhance security posture and ensure comprehensive protection of sensitive data.
Start your free 30-day trial now!
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!