IT service provider refuses to pay ransom, hackers publish stolen data online

Multi-vendor service provider CityComp has suffered a breach that resulted in leaked customer data. Some of the German firm’s clients include big names like Oracle, Volkswagen, and Airbus.

In a statement posted high on its official web site, CityComp publicly admits it fell victim to a “targeted cyberattack” sometime last month, and while the company has since fended off the hackers, customer data unfortunately got leaked.

“A still unknown perpetrator has stolen customer data of CITYCOMP and threatened the company with publication, should it not comply with the blackmail attempt,” the company states.

It refused to pay the attackers the ransom and, with the help of local authorities and IT security experts, it managed to fend off the attack and implement stronger safeguards.

“Since CITYCOMP does not comply with blackmail the publication of customer data could not be prevented,” the notice continues. “The stolen data has now been published by the perpetrators and CITYCOMP’s customers were informed about it.”

The firm says it notified the relevant data protection authorities as soon as it learned of the breach, offering full transparency as required by law.

“As a trustworthy and professional service provider, CITYCOMP does not comply with blackmail and works with law enforcement whenever a crime has been committed. Due to this cyber-attack CITYCOMP has implemented further technical and organizational measures to increase its security in order that such an attack will not occur again in the future,” the statement ends.

Many of CityComp’s clients are located in the European Union, which means the company should brace for GDPR impact.