December 5, 2023 at 04:26PM
Tipalti denies a cybersecurity breach despite BlackCat/ALPHV’s claims of having accessed and stolen data. The extortion attempt, citing a research piece on ransom payment, hasn’t swayed Tipalti. Their investigation with third-party experts found no breach evidence, and Roblox, a customer mentioned by the group, hasn’t commented.
Meeting Summary:
– Tipalti, a financial technology vendor, is refuting claims made by the ransomware group BlackCat/ALPHV about a data breach.
– BlackCat/ALPHV posted on the Dark Web, claiming persistent access to Tipalti’s systems since September 8 and that they have exfiltrated data. The post also threatens Tipalti’s customer, Roblox, and mentions an insider’s help in the breach.
– BlackCat/ALPHV referenced a 2022 research piece by Josiah Dykstra on the benefits of paying ransom in cybersecurity incidents to support their extortion attempts.
– Tipalti has not observed any evidence of a breach, as confirmed by their internal cyber security team and third-party forensic experts.
– The company asserts that it prioritizes the security of its systems and data, utilizing robust security measures.
– There has been no comment from the online platform Roblox on the situation.
Key Actions:
1. Continue close monitoring and investigation of the alleged threat by Tipalti’s cybersecurity team.
2. Maintain public transparency while confirming the absence of breach evidence and reassuring stakeholders of effective security protocols.
3. Await or encourage a statement or response from Roblox regarding the claim.
4. Consider engaging with law enforcement or cybersecurity agencies if any new evidence emerges that substantiates the claims made by BlackCat/ALPHV.
5. Review and potentially reinforce internal security measures and protocols to counter any future cybersecurity threats.