Canadian directory publisher Yellow Pages says that it recently fell victim to a cyber attack.
The company, which operates the YP.ca and YellowPages.ca websites, along with Canada411 online service, suffered a data breach after being targeted by the ‘Black Basta’ ransomware and extortion group, as reported by BleepingComputer.
Black Basta has also reportedly posted sensitive stolen documents and data online over the weekend, including, but not limited to, ID documents, tax documents, sales and purchase agreements, and account spreadsheets.
The attack was first spotted by threat intel analyst, Dominic Alvieri, who saw Black Basta ransomware gang sharing information about Yellow Pages Group on its data leak website. Upon analyzing the post, it was confirmed that the ransomware group had leaked a sample of sensitive documents exposing personal information.
The cyber attack occurred on or after March 15th, 2023, based on the dates present on the leaked documents. Last year, Black Basta hacked Canadian food retail giant Sobeys, causing IT issues and malfunctioning point-of-sale (POS) kiosks. Earlier this month, the extortion group claimed responsibility for a cyber attack on Capita, a UK-based professional outsourcing provider. It threatened to sell stolen data to interested buyers unless Capita paid the ransom.
Yellow Pages Group’s Senior Vice President Chief Financial Officer, Franco Sciannamblo, confirmed the cyber attack, stating that the company had taken measures to contain the incident and ensure its systems were secure.
“Based on our investigation to date, we have reason to believe that the unauthorized third party stole certain personal information from servers containing YP employee data and limited data relating to our business customers,” he said. “We have been notifying impacted individuals and reporting to all appropriate privacy regulatory authorities regarding this incident. Substantially all of our services have now been restored.”
Image credit: Yellow Pages