Yellow Pages Canada Hit by Cyber-Attack, Black Basta Claims Credit

Written by

The Yellow Pages Canada company has confirmed to Infosecurity that it has been the victim of a cyber-attack.

“As soon as we became aware of the attack, we immediately commenced a thorough investigation into this issue with the assistance of external cybersecurity experts to contain the incident and ensure that we had secured our systems,” senior vice president and chief financial officer, Franco Sciannamblo, told Infosecurity in an email.

The breach reportedly affected some employee and business customer data, though the company did not specify what type of data in particular.

“Based on our investigation to date, we have reason to believe that the unauthorized third party stole certain personal information from servers containing YP employee data and limited data relating to our business customers,” Sciannamblo said.

“We have been notifying impacted individuals and reporting to all appropriate privacy regulatory authorities regarding this incident.”

Yellow Pages did not provide further information about the attack. However, the infamous threat group known as Black Basta has claimed responsibility for it, saying it involved ransomware and the publication of some data over the weekend, according to cybersecurity analyst and security researcher Dominic Alvieri.

Read more on Black Basta here: Black Basta Deploys PlugX Malware in USB Devices With New Technique

Sciannamblo added that all of the company’s services are now back online. Still, according to Chris Hauk, consumer privacy advocate at Pixel Privacy, it is unclear how long the information has been exposed. 

“Yellow Pages Canada customers will want to stay alert for any bad guys looking to let their fingers walk through any additional information they can glean from them with email, text, or phone phishing attempts.”

Echoing Hauk’s point, Rebecca Moody, head of data research at Comparitech, explained that ransomware groups tend to give organizations a certain period to pay a ransom before publishing any data.

“This suggests that Yellow Pages Canada has only confirmed the ransomware attack due to Black Basta making its claim and publishing data on its hacking forum. This is, unfortunately, a growing trend. Businesses only tend to disclose these attacks if systems are taken down and/or data is published.”

The attack on Yellow Pages Canada is only the latest in a list of ransomware-related breaches that are evolving throughout 2023.

What’s hot on Infosecurity Magazine?