Notorious hacking group RansomHouse has disclosed private data it obtained after it compromised mobile operator Cell C.
Confirming the incident today, the mobile operator says in a statement: “Cell C is aware that data compromised in the recent cyber security incident has been unlawfully disclosed by RansomHouse, the threat actor claiming responsibility.
“This follows a previously reported incident involving unauthorised access to unstructured data in some parts of our IT environment.”
In January, Cell C became a target of a cyber security incident, which the company confirmed impacted parts of its IT environment.
At the time, it said initial findings from investigations suggested the data related to “a limited number of individuals may have been accessed by an unauthorised party”.
According to cyber security firm Malwarebytes, RansomHouse is an extortion group that gets into victims’ networks by exploiting vulnerabilities to steal data and coerces victims to pay up, lest their data is sold to the highest bidder.
If no criminal is interested in buying the data, Malwarebytes states, the group leaks it on its site.
This group is unique in the way it extorts money from victims, says Malwarebytes, noting it appears to market itself as a penetration tester and bug bounty hunter more than the average online extortionist.
After stealing data from targets, it offers to delete it and then provides a full report on what vulnerabilities it exploited and how.
Like ransomware groups, it also has channels in place – a Telegram account and a leak site – to communicate with victims, journalists and those who want to track their activities.
In 2022, it claimed responsibility for hacking into retail chain Shoprite’s IT systems. RansomHouse also claimed responsibility for several high-profile attacks, including the cyber attack on the University of Paris-Saclay in August 2024. In this incident, it threatened to release one terabyte of stolen data, comprising documents such as CVs, academic transcripts and other sensitive information.
Cell C adds in its statement: “We deeply regret this development and the concern it may cause among our employees, customers, partners and stakeholders at large.
“As part of our commitment to safeguarding the interests of our stakeholders and full transparency, Cell C has set up an Information Hub, where stakeholders can access tips on protecting themselves against cyber crime, support and actions to protect against fraudulent activity, as well as frequently asked questions on the cyber incident.”
Since detecting the incident, Cell C has taken decisive steps to contain the threat, further secure its systems and mitigate impact, it notes.
These include engaging leading international cyber security and forensic experts to support containment and response, as well as notifying and cooperating with the Information Regulator and relevant authorities.
The telco adds it is communicating with affected stakeholders to provide findings and guidance.
“Cell C has engaged its experts to monitor potential misuse of the data and urges all stakeholders to remain vigilant against fraud, phishing and identity theft,” it notes.
Share