No ransom paid
MAYBERRY Investments has turned its attention to tracking persons who obtained or disclosed any data for its clients that was dumped on the dark web by those responsible for hacking its system recently.
The investment house, in a release Friday, said its cyber experts are now tracking the sharing of the information as part of risk-mitigation measures, in the aftermath of the recent cyber attacks that were carried out against it with the use of ransomware.
Mayberry stressed that no ransom was paid.
Play Ransomware Group, the entity which self-identified as being responsible for the cyberattack, left a comment on the Mayberry breach stating, “Private and confidential data, clients and employee documents, finance, taxes and etc. For now, partially published compressed 5GB. If there [is] no reaction, full dump will be uploaded.”
Mayberry however indicated on Friday that it has full access to all of its data. Clients who were impacted have been notified, the company said, adding that all clients have been able to conduct their business in the normal manner.
Additionally, Mayberry said it has notified the police about the breach and that its legal team has advised that it is illegal to obtain or disclose, deal in, with, or make public any of its data that contains personal information without its consent.
“This means that any person who sells, screen-grabs, receives, stores, views, or shares all or any portion of any of its data that contains personal information without its consent is likely to commit an offence. The offence(s) attract(s) fines of up to $5,000,000.00 or more and imprisonment of up to ten years.” This activity is also being tracked by its experts as part of the risk-mitigation measures being undertaken, Mayberry said.
It said clients requiring further details should contact its chief executive officer at gary.peart@mayberryinv.com.