- Klue recently suffered a cyber attack at the hands of Icarus
- Icarus was apparently deleting the stolen customer data
- An unnamed group claims to have stolen the data from Icarus and is now blackmailing Klue customers directly
Earlier this month, market research provider Klue suffered a cyber attack with knock-on effects that hit major companies such as LastPass, Gong, Jamf, HackerOne, Huntress and others.
Klue has since revealed that it is in contact with the Icarus ransomware group, which claims to have been in possession of the stolen data and threatened to leak the data in an attempt to blackmail the company.
But another unnamed group has surfaced, claiming to have hacked into a member of the Icarus group’s environment to steal customer data stolen by Icarus from Klue. This second group is now apparently trying to extort Klue customers directly, much to the annoyance of Icarus.
Hackers hacked by hackers
An update shared privately with Klue customers on Wednesday night and seen by TechCrunch said: “We continue to communicate with the threat actor we have been in contact with (‘Icarus’). Icarus told us they are taking steps to delete the data taken from Klue customers. The Icarus website remains down and we have indications that Icarus is indeed taking steps to delete data taken from Klue customers.”
Icarus later informed Klue that the other group was attempting to extort Klue customers using the same data, after posting a list of affected companies on its own website. Alongside this list, they also claimed to have stolen customer data from Icarus after someone from the Icarus group accidentally allowed the group to connect to the server hosting the stolen data.
Although there is no evidence that Klue paid the Icarus group, the unnamed group also issued a statement that an “Icarus operator who is a teenager living somewhere in the UK or neighboring countries” had been paid by Klue to delete the stolen data.
A further communication issued by Klue to its customers said it had been assured by Icarus that the unnamed group only had samples of the stolen data, not the full set. It also said, “Icarus has asked us to inform Klue customers not to pay this second party.”
Klue also suggested that its customers ask the other group for random samples of their data to prove whether they had indeed obtained the full set of stolen customer data.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
