Cyber Security News

Yellow Pages Hack – Ransomware Gang Leaks Sensitive Data

As per reports, Yellow Pages Group, the Canadian Directory Publisher, has been attacked by the Black Basta Ransomware Group.

The threat actor also took responsibility for the cyberattack on the Yellow Pages Group.

Black Basta was responsible for the cyberattack on the UK-based Professional Outsourcing Provider, Capita.

They were also responsible for Sobey’s Hack, a Canadian Food retail giant.

Yellow Pages collect large amounts of public data, including personal or private corporate data.

The threat actor has also posted sensitive files and information on their data leak website.

On Saturday, Dominic Alvieri, a threat intel analyst, posted on Twitter that the Black Basta ransomware group has leaked critical information about Yellow Pages.

Black Basta Sharing Yellow Pages Data leak on their website.
Source: Dominic Alvieri

Reports suggest that the data that has been posted may include,

  • Tax documents
  • Sales and Purchase agreements
  • Accounts Receivable Spreadsheet (28/02/2023 Updated)
  • Budget and debt forecast (December 2022)
  • Passports and Driver’s licenses of people
  • Date of birth
  • Address

Franco Sciannamblo, Yellow Pages’ Senior Vice President and Chief Financial Officer, said, “Yellow Pages was recently the victim of a cyber attack. As soon as we became aware of the attack, we immediately investigated this issue with the assistance of external cybersecurity experts to contain the incident and ensure that we had secured our systems.

We have been notifying impacted individuals and reporting to all appropriate privacy regulatory authorities regarding this incident. Substantially all of our services have now been restored.

As per the data leaked on their website, the attack is estimated to have happened on or after the 15th of March, 2023.

Reports suggest that the Black Basta ransomware group is none other than the Conti ransomware group.

It seems like a rebrand of their group.

Building Your Malware Defense Strategy – Download Free E-Book

prakash

Recent Posts

REF7707 Hackers Attacking Windows & Linux Machines Using FINALDRAFT Malware

A sophisticated hacking campaign has been unveiled recently by Elastic Security Labs, dubbed "REF7707," which…

7 minutes ago

New Device Code Phishing Attack Exploit Device Code Authentication To Capture Authentication Tokens

A sophisticated phishing campaign, identified by Microsoft Threat Intelligence, has been exploiting a technique known…

2 hours ago

RedMike Hackers Exploited 1000+ Cisco Devices to Gain Admin Access

Researchers observed a sophisticated cyber-espionage campaign led by the Chinese state-sponsored group known as "Salt…

3 hours ago

AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code

A high-severity security vulnerability, identified as CVE-2024-21966, has been discovered in the AMD Ryzen™ Master…

4 hours ago

PostgreSQL Terminal Tool Injection Vulnerability Allows Remote Code Execution

Researchers have uncovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting PostgreSQL’s interactive terminal tool, psql. …

4 hours ago

WinZip Vulnerability Let Remote Attackers Execute Arbitrary Code

A newly disclosed high-severity vulnerability in WinZip, tracked as CVE-2025-1240, enables remote attackers to execute…

8 hours ago