Cybernews
  • News
  • Editorial
  • Security
  • Privacy
    • What is a VPN?
    • What is malware?
    • How safe are password managers?
    • Are VPNs legal?
    • More resources
    • Strong password generator
    • Personal data leak checker
    • Antivirus software
    • Best VPN services
    • Password managers
    • Secure email providers
    • Best website builders
    • Best web hosting services
  • Follow
    • Twitter
    • Facebook
    • YouTube
    • Linkedin
    • Flipboard
    • Newsletter

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

Home » Security » 440GB of data from US-based temporary staffing agency leaked on hacker forum

440GB of data from US-based temporary staffing agency leaked on hacker forum

by Edvardas Mikalauskas
14 December 2020
in Security
0
Automated Personnel Services data leaked on hacker forum
90
SHARES

A 440GB archive that purportedly belongs to Automation Personnel Services, a US-based temporary employment agency, has been leaked on a popular hacker forum. Automation Personnel Services says the post-breach investigation “is currently ongoing and the scope and nature of the data impacted is not yet confirmed.”

According to the forum post, the archive includes confidential company data and sensitive documents related to Automation Personnel Services users, partners, and employees, such as accounting and payroll data, as well as various legal documents.

The archive was leaked on November 24. It appears to have been made public as a consequence of a failed negotiation with cybercriminals, after Automation Personnel Services apparently refused to pay the ransom.

A picture containing text, screenshot, monitor, screen  Description automatically generated

“The data is preloaded and will be automatically published if you do not pay.”

Ransomware message seen in the forum post

We asked Automation Personnel Services if they could confirm that the leak was genuine, and whether they have alerted their partners and customers. According to Randy Watts, executive vice president at Automation Personnel Services, the company is “working with a third-party forensic investigation firm to determine the nature and scope of this event.”

“Protecting the information in our possession and the security of our systems is a top priority. We have and will continue to implement further enhancements in our security and response measures, including the notification to any impacted parties as necessary.”

Randy Watts, EVP at Automation Personnel Services

What data has been leaked?

The leaked data appears to come from Automation Personnel Services, which lists itself as “one of the leading temporary staffing agencies” in America, with more than 30 locations across the US. Established in 1990, the company offers its services to employers and job seekers from the manufacturing, technical, automotive, and other industries. 

Based on the samples we saw from the leaked archive, it appears to contain confidential company data from the past four years (2017-2020) and includes:

  • Corporate accounting and payroll data
  • Legal documents, including bank audit data and financial agreements
  • HR information about Automation Personnel Services employees
  • Customer and partner records, including names, addresses, and phone numbers

Example of leaked accounting data:

A picture containing graphical user interface  Description automatically generated

Example of leaked APS employee data:

Graphical user interface  Description automatically generated

Who had access to the data?

Since the data was made freely available in the final week of November, it’s safe to assume that multiple users of the hacker forum where it was posted had access to the data.

On the other hand, it’s unclear how many users actually downloaded the entire 440GB archive, and of that, how many are using that data for illicit purposes.

What’s the impact of the leak?

Most of the data in the archive seems to be corporate rather than personal in nature. From what samples of the leaked archive we were able to access, however, it appears that at least 30 files in the archive contain personal information of Automation Personnel Services employees, including the last 4 digits of their social security numbers.

With personal employee data and company audit information in hand, cybercriminals could:

  • Impersonate employees to gain unauthorized access to the company’s resources and confidential information
  • Carry out spear-phishing attacks against employees and their family members
  • Steal the exposed employees’ identities and take out loans, apply for credit cards, or even collect tax refunds in their name

Furthermore, attackers could sell confidential company data to competitors for business intelligence and corporate espionage purposes. For example, one of the files in the archive listed Automation Personnel Services partners, and that information might be used by the competition to lure the clients away from the hacked company.

Next steps

If you work at Automation Personnel services or have an account on apstemps.com, there’s a good chance your data has been leaked. For that reason, we recommend you:

  • Set up identity theft monitoring via your financial institution of choice
  • Review recent activities on your online accounts and watch out for suspicious emails, messages, and requests

For companies that wish to avoid becoming victims of a ransomware attack, here are a few basic precautions that your organization should have in mind:

  • Encrypt your confidential data with a salted secure encryption algorithm. That way, even if an attacker would manage to steal your data, they’d have no use for it because it would be inaccessible without an encryption key
  • Use an intelligent threat detection system or a security incident event management system, which can inform you of a data breach before the data is downloaded by the attackers
Share90TweetShareShare
Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's choice

500M LinkedIn user records sold on hacker forum
News

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

by CyberNews Team
6 April 2021
5

We updated our leak checker database with more than 780,000 email addresses associated with this leak...

Read more
LinkedIn, FB, Twitter, Clubhouse apps seen on an iPhone

Recent Facebook, LinkedIn and Clubhouse leaks explained

15 April 2021
Cheapest tool to kill satellites? A computer

Cheapest tool to kill satellites? A computer

13 April 2021
A gift to criminals and tyrants? Soon, wireless devices could become object sensors

A gift to criminals and tyrants? Soon, wireless devices could become object sensors

13 April 2021
“Not ideal” from a privacy standpoint: Clubhouse API lets “anyone” scrape public user data

“Not ideal” from a privacy standpoint: Clubhouse API lets “anyone” scrape public user data

12 April 2021
  • Categories
    • News
    • Editorial
    • Security
    • Privacy
  • Reviews
    • Antivirus Software
    • Password Managers
    • Best VPN Services
    • Secure Email Providers
    • Website Builders
    • Best Web Hosting Services
  • Tools
    • Password Generator
    • Personal Data Leak Checker
  • Engage
    • About Us
    • Send Us a Tip
    • Careers
  • Twitter
  • Facebook
  • YouTube
  • Linkedin
  • Flipboard
  • Newsletter
  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.
Subscribe For Security Tips And CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Our Privacy Policy and Terms & Conditions

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.