Tipalti investigates claims of data stolen by ransomware gang

Tipalti investigates claims of data stolen by ransomware gang

December 4, 2023 at 02:27PM

Tipalti is probing a potential breach by ALPHV ransomware, who claim to have stolen 265 GB of data, including information from Twitch and Roblox. The gang, undetected since September, intends to extort affected Tipalti customers individually, with the company asserting robust security measures are in place.

Meeting Summary:

**Issue:** Possible Data Breach at Tipalti
– Tipalti acknowledges claims by ALPHV ransomware group (aka BlackCat) regarding a potential breach of their network and the theft of 265 GB of data including information pertaining to clients such as Roblox and Twitch.

**Tipalti’s Response:**
– Confirms active investigation into the allegations.
– Emphasizes strong security protocols and tools in place.
– Takes the security of their systems and client data very seriously.

**ALPHV’s Claims:**
– Claims to have accessed Tipalti’s network since September 8th, 2023, and remaining undetected.
– Asserts that they have stolen over 265 GB of data from Tipalti including confidential details of the company, employees, and clients.
– Indicates plans to individually extort companies such as Twitch and Roblox with the stolen data.
– Explains the unusual step of naming victims before extorting due to Tipalti’s cyber insurance not covering extortion, and belief that Tipalti will not pay a ransom.

**BleepingComputer’s Engagement:**
– Provides information about the incident as reported by BleepingComputer.
– Attempts to contact Roblox and Twitch for comments on the situation; Roblox provided an off-the-record comment which was not published, and there was no response from Twitch.

**Action Items:**
– Continuation of the intensive investigation by Tipalti to verify the claims.
– Monitoring of the situation by involved parties including Roblox, Twitch, and possibly other customers of Tipalti.
– Preparedness for potential outreach and negotiations from ALPHV to individually affected customers.
– Awaiting further updates or comments from Twitch and possibly additional information from Roblox on their stance or measures being taken in response to the alleged incident.

Full Article