The crew behind the DopplePaymer ransomware claims they have successfully compromised the network of Digital Management Inc. (DMI), a US company that provides business intelligence and cybersecurity services. According to the company, its customer list includes Fortune 100 companies and government agencies, including NASA.
While the exact extent the breach is not clear at the moment, it seems the hackers have managed to gain access to NASA-related files, suggesting they compromised DMI's NASA-related infrastructure, ZDNet reports.
To support their claims, the DopplePaymer gang has published 20 archive files on their dark web portal. The leaked data includes various files spanning fr om HR documents to project plans.
“Employee details included in these files matched public LinkedIn records,” ZDNet wrote.
The hackers also published a list of 2,583 servers and workstations that they claim are part of DMI's internal network, and which they have encrypted and are now holding for ransom.
DopplePaymer is one of the ransomware gangs that operate so called “leak sites” wh ere they publish small portions of stolen information to increase their chances of ransoms being paid. If the victim refuses to pay the ransom, the gang releases the stolen files in retaliation.