- Qilin ransomware group claims breach of TWU Local 100 in New York
- Data allegedly leaked to the dark web; the union represents 41,000 workers and 26,000 pensioners
- Stolen PII can fuel phishing and fraud; members are encouraged to be vigilant
The dreaded Qilin ransomware operators have added the Transport Workers Union of America (TWU) Local 100 chapter to its data leak page, saying it broke into the organization and has already leaked everything it stole to the dark web.
The Local 100 chapter of the TWU is the local union representing tens of thousands of transportation workers in and around New York City, including people who operate and maintain subways, buses and other transit services, as well as workers at some private bus and ferry companies.
It primarily organizes workers for representation and labor rights at various employers, such as the Metropolitan Transportation Authority (MTA), or various private operators. It negotiates contracts, handles complaints, advocates for better wages and working conditions and much more.
What kind of data was stored?
Qilin is a Russian-linked ransomware operator blamed for some of the more disruptive attacks in recent history.
Qilin didn’t say exactly how much data it stole, what it contains, or how many people are affected — but in total, TWA Local 100 represents about 41,000 workers and 26,000 retirees.
Cyber news notes that unions are often a valuable target because of the “prodigious amounts” of sensitive data they hold about their workers. Local 100’s website says it collects and stores personally identifiable information (PII) such as full names, basic contact information, job titles and salary information, medical and insurance benefits, and pension and retirement planning. However, it also holds data about services such as housing assistance, safety and health, complaints and disciplinary actions and much more.
Cybercriminals can use this information to create highly convincing phishing emails through which they can trick victims into sharing valuable login information or even making fraudulent bank transfers. Potential victims should be wary of incoming e-mail messages, especially those that claim to be from TWU and carry a sense of urgency.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
