Tuesday, February 11, 2025

Gang of 5 Employees Stole The Customer Data at Late Night in Office


The sequence of events sounds like it was taken straight from a movie script. Five software programmers were working late into the night, chatting on their phones while they worked.

During the wee hours of October 9, between 1:00 am and 4:00 am, they managed to hack the company’s primary server and gain access to sensitive customer data, which they then proceeded to steal.

The following day, all five employees of the software company in Chennai showed up to work in Bengaluru or Chennai, where they joined their coworkers in expressing their shock and horror at the loss of sensitive information belonging to five of the company’s most valuable clients.

The business owner had no idea what was happening as he saw his six years of hard work go down the drain. His workforce mostly defected. 

Then he discovered that his US-based clients had been cut off because the cloud platform he used, Amazon Web Services (AWS), had changed their credentials. He tried to contact them but was met with silence.


He eventually went to the police in Chennai, India, about the cybercrime. The investigators traced the internet protocol (IP) address and other technical details of where the server was accessed from, and made a breakthrough within a few hours.

Cyber Security News learned from the local authorities that they narrowed it down to five people: two in Chennai and three in Bengaluru, all firm employees. Edison, 29, who was responsible for the company’s operations in Chennai, was the one who logged onto the server and began the theft. According to their findings, he participated in a conference call with four other people.

Using this information, they were able to track down his coworker in Chennai, Ramkumar, as well as three employees at the Bengaluru office: Kavya Vasanthkrishan, Ravitha Devasenapathy, and S Karuppaiah.

Police discovered that the five had formed a new software firm called “Blue Dawn” the day following the theft and had contacted the five victims, whose information had been taken, offering their services at a steep discount.

Australian cybercrime investigators are looking for a second software programmer who helped steal the data. They want to ask Interpol for assistance tracking him down and will issue a lookout circular.


Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
