Computer game developer and publisher Crytek has confirmed that it fell victim to the ransomware Egregor in October 2020. The hackers encrypted the company’s systems, stole files with confidential customer data and published them on their darknet leaks site.
Crytek only sent out relevant notifications to affected users in August 2021.
“We want to inform you that Crytek has been the victim of a ransomware attack carried out by unknown cybercriminals. During the attack, certain data on our network was encrypted and stolen. We took immediate measures to prevent encryption of our systems and ensure the security of our environment and initiated an internal and external investigation of the incident, ”the company said in a notice.
Crytek confirmed that the hackers released the stolen documents, including first and last names, job titles, company names, email addresses, phone numbers and country of residence.
Crytek attempted to downplay the severity of the incident by reassuring affected customers that the ransomware site where their data was published is difficult to find and only a few would pay attention to it. In addition to this, downloading data from the site takes too long, so there will be few people willing to download it. In addition, few people want to download data from a cybercriminal website for fear of infecting their systems with malware that could be embedded in leaked documents.
It is worth noting that the arguments given by the company make sense only in relation to inexperienced computer users. Typically, people interested in getting this kind of data have the right knowledge, use loaders, and open files in virtual machines.
In addition to Crytek, Egregor’s list of major victims includes Barnes and Noble, Kmart, Cencosud, Randstad and the Vancouver Metro.
In February 2021, several participants in the Egregor operations were arrested in Ukraine as part of a joint operation by Ukrainian and French law enforcement agencies.
Egregor’s activity began in September 2020, right after the ransomware Maze announced the termination of their operations.
Catch up on more articles here
Follow us on Twitter here