Security

Collabera hacked: IT staffing'n'services giant hit by ransomware, employee personal data stolen

Crooks made off with everything needed for ID theft


Exclusive Hackers infiltrated Collabera, siphoned off at least some employees' personal information, and infected the US-based IT consultancy giant's systems with ransomware.

We understand this swiped data included workers' names, addresses, contact and social security numbers, dates of birth, employment benefits, and passport and immigration visa details. Basically, everything needed for identity theft. The recruitment'n'staffing biz, which employs more than 16,000 people globally and banks hundreds of millions of dollars a year in sales, does not believe the lifted records have been used for fraud.

Collabera could not be reached for comment, though El Reg has seen a copy of the internal memo sent to staff disclosing the details of the leak. File-scrambling malware was detected on the IT consultants' network on June 8, and within a couple of days, it emerged at least some data had been stolen, according to the business.

Collabera identified malware in its network system consistent with a ransomware attack

"On June 8, 2020, Collabera identified malware in its network system consistent with a ransomware attack," Collabera wrote in the letter, dated mid-July and signed by HR senior director Mike Chirico.

"We promptly restored access to our backup files and immediately launched an investigation to determine the nature and scope of the event. On June 10, we became aware that the unauthorized party obtained some data from our system. We are working with outside experts and law enforcement to conduct a more detailed review of the incident."

Based out of New Jersey, Collabera offers companies IT services and staffing. That includes hiring out tech workers, hence the cache of personal data that was accessed by the miscreants.

"At Collabera, we reach out a hand to turn the search into a companionable, supportive journey," the company said on its website.

"A journey that certainly doesn’t inspire groaning, and one that no one ever takes alone."

So was this ransomware, or a data leak?

In this case, it appears that miscreants tried to encrypt and stole data. This has become the norm among ransomware gangs; crooks have taken to exfiltrating data as well as encrypting it. These days, victims aren't just paying the ransom to potentially restore their information, they're also paying to prevent the stolen data from being leaked or sold on by the extortionists.

In June, the Maze ransomware group – known for stealing and leaking corporate confidential data – claimed to have hacked Collabera.

Now Collabera is offering its staff two years of credit and identity monitoring services through Experian. (Yes, the same Experian that was once relieved of records on 15 million folks in the US.)

Workers who receive the letter are said to have until October 31 to register themselves for the monitoring service: "We strongly encourage you to review your bank, credit card, and other financial statements regularly. If you see any transactions you don't recognize or which appear suspicious, notify your financial institution immediately, as well as Experian." ®

Send us news
10 Comments
Get our Security newsletter

Elon Musk's SpaceX bags $3bn NASA contract to, fingers crossed, land first woman on the Moon

And the 13th guy

NASA today announced the next US lunar mission will use SpaceX's HLS Starship to put American astronauts on the Moon's surface.

Elon Musk's rocketry biz thus scoops a $2.89bn contract to put the first woman and the 13th man on the Moon as part of the American space agency's Artemis program. NASA will use its own much-delayed SLS booster to launch four astronauts into orbit and make the trans-lunar injection burn – pointing them Moon-ward, basically – and then two of the 'nauts will transfer to SpaceX hardware to touch down.

“This is an exciting time for NASA and especially the Artemis team,” said Lisa Watson-Morgan, program manager for HLS at NASA’s Marshall Space Flight Center in Huntsville, Alabama.

Continue reading

Pentagon confirms footage of three strange craft taken by the Navy are UFOs (no, that doesn't mean they're aliens)

Unless by aliens you mean Russians

Photos and videos taken by US Navy officers of strange-shaped aircraft streaming across our skies a couple of years ago have been officially labelled as unidentified flying objects by Uncle Sam.

The first clip, filmed in night-vision, features a cone-shaped object blinking in the sky across an eerie green sky. In a second incident, pilots captured a device that rotated as it flew, and in the third image an object hovered in front, CNN reported.

Sue Gough, a spokeswoman for the Pentagon, referred to those objects as being shaped like a “sphere,” or “acorn" and called the last one a "metallic blimp." All the footage was taken by the Navy, and Gough confirmed the content was being investigated by the US government's Unidentified Aerial Phenomena (UAP) Task Force, a special unit focused on probing UFOs, which is led by the Navy and was created in August.

Continue reading

Ex IBM sales manager, fired after battling discrimination against subordinates, wins $11m lawsuit

Big Blue, insisting it doesn't condone retaliation or discrimination, may appeal

On Thursday, a federal jury in Seattle, Washington, found that former IBM sales manager Scott Kingston had been unlawfully fired by the company and denied sales commission after challenging the treatment of subordinates as racially biased. And it awarded him $11.1m.

The case dates back to 2017 when two IBM sales people within months of each other closed similarly large software sales deals that led to vastly different commission payments. Nick Donato, who is White, received more than $1m for a SAS Institute deal, while Jerome Beard, who is Black, was paid about $230,000 for closing a sale to HCL Technologies.

Beard was paid about 15 per cent of what he should have received under his agreement with IBM, despite a company policy not to cap sales commissions.

Continue reading

Docker Desktop for Apple Silicon is here, but probe a little deeper and you'll find Rosetta 2 staring back

Prepare yourself for an onslaught of 'you're holding the container wrong'

Docker Desktop for Apple Silicon has been released, although it's not quite the seamless conversion some may expect.

Declaring that getting Docker Desktop working on Apple's M1 chip as "by far our most upvoted roadmap item ever," the company is naturally chuffed that container fans selecting Apple's latest hardware can now also crank out code using its tooling.

Rosetta 2, aimed at getting x64 apps up and running on Apple Silicon, only goes so far and to get the virtual machine that lurks beneath the hood of Docker Desktop, the company had to make the jump to Apple's new hypervisor framework as well as deal with all the associated plumbing.

Continue reading

Age discrimination class-action against HP and HPE gets green light to proceed

Old people were let go while the CEO was talking about hiring a bunch of young people, says complaint

Former HP workers who allege they were dismissed in order to clear a path for younger employees have been granted certification [PDF] for their proposed collective action by a California district court.

In their original complaint, the plaintiffs accused HPE and spin-off HP of violating federal and California age discrimination laws during a period of corporate restructuring by pushing out older workers while aggressively hiring younger ones.

According to the filing, they claimed this demographic shake-up started in 2012, and continued in the years following the late 2015 separation of HP. More importantly, they claim it wasn't an accident, but rather driven by a conscious decision by then-CEO Meg Whitman, who was cited as expressing a desire to hire "a whole host of young people" and make the company "younger" during a securities analysts meeting in 2013.

Continue reading

Russian infosec firm Positive Technologies trying to stay positive after US sanctions

Company insists it's a legit operator that's here to help

Positive Technologies has hit back at the US government's "groundless accusations" that it helped the Russian state carry out cyber attacks against the West – by highlighting how "government agencies of different countries" use its products.

Yesterday the US Treasury declared that Positive was selling weaponised infosec tech to the Russian government and ran recruiting events for state hacking agencies, which some Western news outlets have interpreted as meaning the company's flagship Positive Hack Days events.

Rejecting all this in a lengthy statement posted to its website this afternoon, Positive said: "Our global mission is to create products and technologies to improve cybersecurity around the world and to ensure conditions for the most efficient prevention of cyberattacks for the benefit of society, business, and government agencies."

Continue reading

Fridges... in... Spaaaaaaace: Engineers book ride on the Vomit Comet to test astro-refrigerator

It's floaty floaty vom time as boffins plan prototype cooler spin on modded 727

Boffins are set to get a ride on the Zero Gravity Corporation's "weightless research lab" to test a refrigerator designed for jaunts to orbit, the Moon or even Mars.

The engineers from Purdue University, Air Squared and Whirlpool are working on a refrigerator that will function in different orientations as well as the one more suited to domestic kitchens on Earth. The idea is to give astronauts access to food not necessarily freeze-dried or squirted out of a packet (and liberally dosed with hot sauce.)

Continue reading

Oh hello. Haven't heard much from you lately: Linux veteran Slackware rides again with a beta of version 15

It's time to move on from 2016

From the department of "I'm not dead yet" comes news of a Slackware 15 beta release, nearly five years after the distribution last saw a major update.

Created by Patrick Volkerding (who still lays claim to the title Benevolent Dictator For Life), the current release version arrived in the form of 2016's 14.2.

While there have been some rumblings over the years, the lengthy absence of a full new version hinted that all might not be well with one of the oldest Linux distributions and its band of contributors.

Continue reading

Microsoft received almost 25,000 requests for consumer data from law enforcement over the past six months

25% were rejected, and it's less than 2013's figure... but be wary of what Redmond does with your information

Microsoft has had a busy six months if its latest biannual digital trust report is anything to go by as law enforcement agencies crept closer to making 25,000 legal requests.

Requests for consumer data reached 24,798 during the second half of 2020, up from 24,093 during the previous six-month period, and quite a jump from the 21,781 for the same period in 2019.

"Non-content data" requests, which require a subpoena (or local equivalent), accounted for just over half of disclosures and were slightly down on the same period in 2019. Microsoft rejected 25.81 per cent of requests in the last six months of 2020, up on the 20.14 per cent of the same period in 2019.

Continue reading

Will tech show IFA really return this year as a 'full-scale' shindig? Place your bets now

Announcement light on safety details and the world still doesn't look ready

Each year nearly 250,000 people flock to the sprawling Messe Berlin for IFA, one of the world's biggest tech consumer trade shows, to peruse the stands and discuss all things laptops, phones, and... fridges.

At least they used to. Like most events, IFA has been acutely affected by the pandemic, which has disrupted international travel and resulted in the imposition of social distancing rules by governments across the world.

Although IFA organisers were not forced to cancel the 2020 edition, as was the case with the GSMA's Mobile World Congress, they did have to scale back the event massively. Instead, it ran in just four halls of the massive exhibition centre, with attendance capped at just 1,000.

Continue reading

Home office setup with built-in boiling water tap for tea and coffee without getting up is a monument to deskcess

If only it had a built-in loo and pillow, then we could work 24/7

A luxury desk designed based on what Brits "want to see" in their home office setup is not sure what it wants to be.

Games room specialist Liberty Games says it undertook research to discover UK remote workers' ideal desk and whipped up a concept that "meets all your working-from-home needs."

As technical director Stuart Kerr explained: "With the shift to working from home, we saw an opportunity to create a desk concept that would meet the needs of British home workers. We wanted to make sure we included some fun features in the desk... to ensure people were still making time for themselves. I think the sleek and modern aesthetic of the desk and the cool features make this desk one of a kind."

Continue reading