Data from Simplicia’s French website has surfaced on a dark web hacker forum, with a user alleging possession of information of 152,000 employees as part of the Simplicia cyber attack.
While the hacker forum user did not claim responsibility for the Simplicia cyber attack, they did announce that they possessed data stolen from a security incident the company experienced last week.
Simplicia, established in September 2018, offers a range of services to clients, primarily focusing on providing IT solutions aimed at saving valuable time and allowing Simplicia’s clients to concentrate on data analysis rather than data retrieval.
Dark Web User Announces Simplicia Cyber Attack
“In September 2023, Simplicia.co, an Cloud-based electronic transaction management tools provider for lawyers, was breached and a total of 152,000 employees’ data exposed,” read the user’s post on the dark web.
The website of Simplicia was accessible amidst claims of the Simplicia cyber attack when checked by The Cyber Express team. We have emailed the company officials for comments to clarify the Simplicia data leak claim. We will update this report based on their response.
The hacker forum user going by the username ‘Nationalist,’ made the announcement with a headline – Simplicia.co Database, Leaked – Download!
The Simplicia data leak post was made on September 3 by Nationalist, the user who claimed that the hacking of the targeted website was conducted in September.
This suggests the user either downloaded or bought the company data from a hacker who likely failed in getting a ransom from Simplicia.
The hacker forum user also made 178 posts on the dark web platform suggesting that they have been part of similar data leak trade in the past. However, it was not confirmed that the data leaked allegedly from Simplicia matched official records in the company’s systems.
The released stolen data from Simplicia cyber attack contained the following:
- 152,000 employees’ information
- Employee’s name
- Client IDs
- Employee leave data
- Employee reimbursement amount
- Refund date
They also had other data related to the employee’s national identification number (NIR) also called the numéro d’inscription au répertoire in French. Other data mentioned were pertaining to the insurance code.
Dark Web History and Marketplaces
The websites on the dark web are not indexed by search engines which means most users of the Internet won’t find about the marketplaces that trade on user data stolen from hacking systems.
The dark web was launched in March 2000 when a student Ian Clarke developed it.
Earlier it offered anonymous chatting using the decentralized network of Freenet however, it became popular when users used The Onion Router known as TOR to access it in around 2002.
Ever since its start over a decade ago, the dark web has witnessed the release of over 1.2 million payment card details. Of all the passwords leaked on the platform, the most common were Qwerty and 123456.
This brings to light the amount of data that is dumped on the dark web and the deep web which makes up 90% of the entire Internet. Users are urged to keep a tab on their passwords and make sure that they use a complex password to keep their information safe.
They can also check if their data is released on the dark web by adding the same on Cyble’s dark web search portal called AMIBREACHED – https://amibreached.com/.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.