• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » Security » 140GB of confidential data from US-based door parts distributor leaked on hacker forum

140GB of confidential data from US-based door parts distributor leaked on hacker forum

by Edvardas Mikalauskas
31 December 2020
in Security
0
Door Control USA data leaked on hacker forum
101
SHARES

A 140GB archive that purportedly belongs to Door Controls USA, a US-based door parts shop, has been leaked on a popular dark web hacker forum.

According to the forum post, the archive includes confidential company data and sensitive documents related to Door Controls USA, including manufacturing blueprints, machine-readable manufacturing code, financial and accounting data, as well as various legal documents.

The archive was leaked on November 27-28. It appears to have been posted on the hacker forum after Door Controls USA seemingly refused to pay ransom to cybercriminals who breached the company’s network.

“The data is preloaded and will be automatically published if you do not pay. After publication, your data will be available for at least 6 months on our CDN servers.”

Ransomware message left on the forum post

We asked Door Controls USA if they could confirm that the leak was genuine. However, we received no response from the company.

What data has been leaked?

The leaked data appears to come from Door Controls USA, a commercial automatic and manual door part seller and manufacturer based in Ben Wheeler, Texas. Established in 1995, the company claims to offer “the widest range of products in the automatic door industry,” including door locks, bolts, checks, and more.

Based on the samples we saw from the leak, the archive appears to contain more than 140GB worth of confidential company data, split across two folders. One folder seems to hold company financials and accounting information, while the other is dedicated to sensitive research and development data, including:

  • Confidential product plans, models, and blueprints
  • Machine-readable G-code instructions for manufacturing a variety of proprietary door control mechanisms
  • Company campus layouts and their evacuation plans
  • Contracts
  • Financial and audit data
  • Credit card statements

Example of leaked manufacturing code:

Who had access to the data?

Because the archive was made freely available in the final week of November, we assume that a significant part of the hacker community was able to download and access the data since.

With that said, it’s uncertain how many forum users actually downloaded the entire 140GB archive, and of that, how many are capable or inclined to use the confidential data for malicious purposes.

What’s the impact of the leak?

Most of the data in the archive appears to be corporate rather than personal in nature, which means that it is the company and its employees who are the most likely to bear the brunt of the damage. Malicious actors could make a lot of money by selling confidential company data to competitors for corporate espionage and business intelligence purposes. 

For example, selling manufacturing blueprints, machine-readable G-code instructions, or other intellectual property to Door Controls USA’s competitors could harm the company by taking away its competitive edge.

On the other hand, accessing the company’s financial and accounting data, including credit card reports, would allow criminals to commit fraud in Door Controls USA’s name, such as applying for coronavirus relief loans during the pandemic.

To see if your data has been exposed in a security breach, use our personal data leak checker.

Next steps

For organizations that wish to avoid ransomware attacks, here are a few basic precautions that your company should have in mind:

  • Implement an intelligent threat detection system or a security incident event management system that will inform your system administrators about the breach and help them prevent data exfiltration from company servers in time.
  • Encrypt your confidential data with a salted secure encryption algorithm. In the event of a data breach, encrypted data would be all but useless to any potential attackers because it would be inaccessible without an encryption key.
Share101TweetShareShare

Related Posts

Teespring data leaked on hacker forum

8+ million Teespring user records leaked on hacker forum

25 January 2021
Covid-19 vaccine

Covid vaccines are now an excuse to launch phishing attacks

22 January 2021
MyFreeCams data leaked on hacker forum

MyFreeCams hack: 2 million user records stolen from top adult streaming site and sold on hacker forum

21 January 2021
Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

19 January 2021
Next Post
Apple is sued by rival over alleged App Store monopoly

Apple removes 39,000 game apps from China store

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    83034 shares
    Share 83024 Tweet 0
  • The ultimate guide to safe and anonymous online payment methods in 2021

    13 shares
    Share 13 Tweet 0
  • Facebook is tracking you: learn how to delete all Facebook data

    57 shares
    Share 57 Tweet 0
  • ProtonMail review: have we found the most secure email provider in 2021?

    69 shares
    Share 69 Tweet 0
  • Custom mechanical keyboards – 17 coolest ones we’ve ever seen

    442 shares
    Share 441 Tweet 0
Teespring data leaked on hacker forum

8+ million Teespring user records leaked on hacker forum

25 January 2021
Italy consumer association sues Apple for planned iPhone obsolescence

Italy consumer association sues Apple for planned iPhone obsolescence

25 January 2021
Google on laptop and mobile

Google vs Australia: The Battle of the Precedents

25 January 2021
Makers of Sophia the robot plan mass rollout amid pandemic

Makers of Sophia the robot plan mass rollout amid pandemic

25 January 2021
Elon Musk

Elon Musk to offer $100 million prize for ‘best’ carbon capture tech

22 January 2021
Is there life on Mars?

Is there life on Mars?

22 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!