It has been reported that a threat actor is allegedly selling a trove of sensitive data related to Robert Half, a renowned staffing and employment agency. The incident, dated February 2024, involves the sale of a comprehensive package priced at $20,000.
The data being offered by the threat actors, known as IntelBroker and Sanggiero, includes a staggering array of confidential documents. Among the compromised information are Twilio data, 1,700 repositories of source code, employee documents, and a substantial amount of other undisclosed data totalling 64GB. The leak extends to customer information and configuration settings, including those related to OpenAI.
The threat actors offered a comprehensive and continually updated set of stolen data from Robert Half for $20,000.
IntelBroker and Sanggiero claimed responsibility for the breach in a post on an underground forum. According to their statement, they successfully infiltrated RobertHalf.com and are now making the stolen data available for purchase. They also assert that the stolen information is not only extensive but also fresh and continuously updated, indicating ongoing access to the compromised systems.
The threat actors have established communication channels for potential buyers, inviting them to message directly on their Telegram profiles or through the designated underground forum account. It has been specified that transactions will only be accepted in Monero (XMR) and through the widely recognised escrow service, ensuring a level of anonymity for both parties involved.
This alarming development raises concerns not only for Robert Half and its clients but also for the broader implications of such a breach. The sale of such diverse and confidential information on the underground market poses a significant threat to individuals and organisations linked to the compromised data.
Robert Half is yet to release an official statement regarding the breach, leaving users and clients awaiting guidance on potential measures to secure their information. As the cybersecurity community closely monitors the situation, this incident reveals the persistent challenges in safeguarding sensitive data in the digital age.