Stolen Data From SolarWinds Breach Offered For Sale
In a stunning turn of events a new website popped up claiming to have the data that was collected as part of the SolarWinds Orion software hack and is offering it for sale. The site solarleaks.net appeared on January 12th 2021 purporting to sell the stolen data from Microsoft, Cisco, FireEye, and SolarWinds, and is offering the following products for sale:
[Microsoft Windows (partial) source code and various Microsoft repositories] price: 600,000 USD data: msft.tgz.enc (2.6G) [Cisco multiple products source code + internal bugtracker dump] price: 500,000 USD data: csco.tgz.enc (1.7G) [SolarWinds products source code (all including Orion) + customer portal dump] price: 250,000 USD data: swi.tgz.enc (612M) [FireEye private redteam tools, source code, binaries and documentation] price: 50,000 USD data: feye.tgz.enc (39M) [More to come in the next weeks] ALL LEAKED DATA FOR 1,000,000 USD (+ bonus)
The site goes on to claim they have had so many inquiries that they now require a deposit of 100 XMR cryptocoins (about $14,000) to be considered as a customer, but the deposit will be part of the full purchase price and will include a sample data pack that features the full archive content metadata and the “SolarWinds customer portal SQL dump as a gift.”
The latest intelligence indicates Russian actors infected more than 18,000 targets in the SolarWinds compromise, but not every target impacted was acted upon after the breach. The U.S. Government is claiming that around 10 agencies were acted upon post compromise and the number of commercial targets has not yet been determined.
A firewall, anti-virus and data backups are no longer enough to protect your business from compromise or to detect one if it occurs. Medicine Bow Technologies provides 13 individual security services for all of our managed clients, and the expertise to use them to help keep you safe. If you don’t have that much protection call us now to set an appointment at (307) 721-4050