A threat actor who posted 2.8 million lines of Amazon employee data last week has taken to the dark web to claim they are doing so to raise awareness of poor security practice.
The individual, who goes by the online moniker “Nam3L3ss,” claimed in a series of posts to have obtained data from 25 organizations whose data was compromised via last year’s MOVEit exploit.
According to Hudson Rock, which verified the data, these organizations include McDonald’s, Charles Schwab, Lenovo, Delta Airlines, HSBC and Amazon – with an estimated five million records leaked so far.
“This structured data reveals not only contact information but also sensitive details about organizational roles and department assignments, potentially opening doors to social engineering and other security threats,” the security vendor warned.
Read more on MOVEit: Critical Zero-Day Flaw Exploited in MOVEit Transfer
However, Nam3L3ss has taken to the dark web to protest their innocence.
“People, I am not a hacker! If something requires a username or password, even a default password, I will not try and use it! I track all of the ransom group sites and have my own tools that auto find AWS, AWS and other sites’ open buckets,” they wrote on Monday. “I download everything I can from ransom group TOR sites and from open cloud services. Once I have it I then clean the data and remove duplicates from the source and sometimes remove fields/columns where the data is useless.”
No tags.
