Time is ticking for Hallmark: hackers threaten to expose 8M records
Shinyhunters has been on fire lately, adding one victim after another. This time, the shadowy hacker group is dangling nearly 8 million Hallmark records on the edge of the internet, giving the US-based corporation just one day to respond.
Shinyhunters is threatening Hallmark Cards, Inc., and Hallmark Plus with the release of nearly 8 million records of private corporate data and personally identifiable information (PII).
The gang said on its dark web leak site that Hallmark has until the 2nd of April to make contact before the Salesforce data is leaked.
The century-old company is headquartered in Kansas City, Missouri, but operates worldwide. Hallmark is among the leading enterprises in greeting cards and social expression products.
The company has business ties with Disney, Warner Bros, and Hallmark Gold Crown stores, and its product lines feature licensed characters from major entertainment properties. Hallmark also owns an art supply company, Crayola. The company’s annual revenue is estimated to reach $5 billion.
So far, the gang has not released any data sample to back up its claims. This is a typical extortion tactic: the victim is pressured to negotiate or face the scrutiny of a public data release.
According to ShinyHunters’ claim, the stolen data records are from Salesforce. So far, it is unknown if it is a new breach or if the data theft is tied to last year’s Salesforce heist, which was claimed by a conglomerate of three gangs, Scattered LAPSUS$ Hunters.
Over 700 other companies, including Cloudflare, Zscaler, Palo Alto Networks, Google, Allianz Life, TransUnion, Farmers Insurance, Air France, and KLM, are reported to be affected by the breach.
Hallmark is at risk of social engineering attacks
If the claims prove to be true, the company might face multiple dangers. Internal corporate data, in general, could expose business operations details, potentially reducing the company's competitive advantage and damaging its reputation.
“Since the gang did not upload the dataset yet, the damage can vary depending on what they have,” Cybernews researchers said.
“If it is true that they have PII among the data, the impact for this could be targeted social engineering towards the company, its employees, or the clientele, depending on whose PII is there,” our team added.
Cybernews has reached out to Hallmark for a confirmation, but has not yet received a response.
ShinyHunters are causing chaos
The attacks of cyber gang ShinyHunters have been called “catastrophic.” Just last week, the European Commission’s name and 350GB of data ended up on Shinyhunters leak site.
The Commission admitted it had detected a cyberattack which “affected cloud infrastructure hosting the Commission’s web presence on the Europa.eu platform.” It said it took immediate steps to contain the incident.
Previously, the gang caused chaos after breaching the Dutch telecom provider Odido. A compromise of its customer relationship management system left nearly 7 million customers exposed, which is nearly a third of the country's population. After negotiations failed, the attackers leaked the stolen data online.
Unlock more exclusive Cybernews content on YouTube.
