Global tech firm Pitney Bowes hit by Maze ransomware
Pitney Bowes, a global technology provider, was the victim of a recent Maze ransomware attack. The Maze group attackers have since released screenshots of the company’s systems to prove that they had obtained access to Pitney Bowes. The company originally dealt with postage meters but has expanded into software, e-commerce, and technology. Pitney Bowes disclosed the attack over the weekend and is part of a larger series of assaults on big American companies perpetrated by the Maze group. IT services giant Cognizant and global insurance provider Chubb have also been recent victims of Maze.
The screenshots released by the hacking group include lists of staff folders, clients, accounts, management policies, training, and other internal information that leads experts to believe that gigabytes of data have been exfiltrated. Maze typically exfiltrates data from their victims, encrypting it on-site, then sending a ransom note to the victim threatening to release data unless payment demands are met. If a company refuses to pay the ransom, Maze threat actors typically dump the stolen data on cybercrime forums on the dark web. Pitney Bowe’s investigation into the attack and the extent to which it was compromised remains ongoing at this time.