Wasn’t panda buy also recently targeted by a joint investigation from Nike and the Chinese government which led to the seizure of many warehouses for counterfeited items?
Isn't the next step to take the same amount of money and offer it to any bounty hunter that brings back the heads of the hackers (with sufficient evidence to link the heads to the attack)?
exposing customer names, phone numbers, email addresses, login IP addresses, home addresses, and order details.
So, nothing important? You know what else has names, phone numbers, home addresses, etc? Publicly available databases. It's called a phone book. IP addresses? Please. It's not static anyway and it might just lead to a VPN.
It's what they can do with all of it together. Particularly about calling you and pretending to be a real company, phishing you, because if they called your phone and confirmed your email, name, and home address and order details with you, then it's likely many people would believe them.
I'd be interested in your full name, address, your phone numbers, your email adresses, birth date and credit information (which is probably in the order details)
Anecdotally, the Seattle Public Library is currently recovering from a ransomware attack and still has major systems offline. Of all targets, a public library is a pretty major low.
has worked 100% percent of the time (probably a dozen times) I've shepherded future clients who have called me for assistance, because all their customer information, vendor data, and billing was locked, and they didn't have backups. if you're fucked, you chalk it up to a business expense whether or not you get your data back. you pay the ranson, and you pray. then when you get access to your data again, you lock it down. always. everytime.
It's bad business to not be honest and trustworthy. If a hacker group is known to always give back the data and not strike twice, they are obviously much more likely to get paid. No one's paying someone known for ripping off. We see this in company ransomwware all the time. They are friendly, helpful in explaining the breech, and professional. If they were the opposite, they'd be broke.
I mean news like this is the best way to stop people paying, I hope every business that doesn't pay sends the hackers this article and says this is why