Data Breach

AlphV announces initiation of contact with some clients of Tipalti

Parker Bytes December 4, 2023

Blimey, what a week it’s been in the world of cybercrime. Pull up a chair, get yourself a cuppa, and let me fill you in. It appears the notorious group AlphV has just shaken up their usual playbook. How? Well, instead of directly attacking their victim, in this case, Tipalti, they’ve taken a backdoor approach and have taken aim at Tipalti’s clients. Bit cheeky, really, but I suppose that’s hackers for you.

Apparently, AlphV have whipped up a good 265 GB of data from Tipalti, and not a hint of encryption involved. Interestingly, they’re not hiding in the shadows this time; they’ve publicised this attack before even squeezing a quid out of Tipalti or any of its clients.

On the rumour mill, some thought that gaming giant Roblox and streaming platform Twitch were next in the firing line; some even claiming that Twitter could be next. But slow down there! Before we start pointing fingers, let me remind you these are just the ramblings of the web and actually, up until now, AlphV hasn’t revealed who they are really targeting.

So far, Tipalti is putting on a brave face, pledging they’re investigating the matter. They assure us that they’ve not detected any data loss or breaches in their systems. Though, as we all know, that may well change as more information comes to light.

As of the moment, our digital troublemakers haven’t coughed up any specifics about which clients they’ve contacted for a bit of blackmail, or whether anyone’s responded, so stay tuned.

Now, a word to the wise, let’s not allow these cyber criminals to run the narrative, shall we? All these Twitter speculations about who might be next are only helping them spread fear and discord, while potentially harming the reputations and stocks of the implicated companies.

Now, more than ever, we need to amplify voices that offer a knowledgeable context, analyse situations responsibly, assess the credibility of claims and apply the right language. Never forget, misinformation, disinformation and, heaven forbid, malinformation, can do just as much damage as a data breach itself.

Understanding the need for patience and restraint during these uncertain times is key. Not forgetting the importance of sharing accurate information with as many people as possible – especially defence strategies for those who need to safeguard themselves.

The government does have a role to play in managing the fallout, but in the end, it’s us, the independent researchers, journalists and tech companies, who really bear the brunt. So let’s put our best foot forward and tackle this situation head-on.

by Parker Bytes