Xtium (formerly ATSG), a managed service provider for AI-powered IT infrastructure, security, and cloud solutions, has allegedly been compromised in a large extortion campaign exposing roughly 485.8TB of data. The attacker claims eight months of undetected access to Veeam backup instances, re-breached the network after stalled negotiations, and is now selling data and offering to delete client backups for payment. #Xtium #ATSG #Veeam #Synology #TeamShares
Keypoints
- Threat actor claims approximately 485.8TB of data was exfiltrated from Xtium systems.
- About 480TB of the data reportedly consists of client VM backups from a compromised Veeam instance.
- The attacker alleges they maintained undetected access to Veeam backups for around eight months.
- An alleged second breach occurred ten days after extortion negotiations with Xtium management stalled.
- Stolen data includes client file-level restores and 5.8TB from Synology ShareSync (TeamShares), and the actor is selling data and soliciting clients to pay for backup deletion.
Read More: https://dailydarkweb.net/xtium-managed-service-provider-data-breach-and-extortion/