A Miami-based managed services provider has suffered a major data breach, with nearly 1TB of its users’ data leaked, according to researchers from CyberNews.com.
The leaked data from Intcomex includes credit cards, license scans, payroll, customer databases, and more. The data was found on an online database. CyberNews.com says they informed Intcomex about the leak Sept. 21. A Intcomex spokesperson sent CyberNews.com this statement:
“Intcomex internally detected and responded to a cyber attack involving some of our systems. Upon learning of the incident, we took decisive steps to address the situation and protect our systems. We immediately engaged third-party cybersecurity experts to assist us in the investigation and we have implemented additional enhanced security measures. We also notified law enforcement. We are notifying affected parties as appropriate. Services provided to our partners have not been impacted. The security of our systems and data remains a top priority.”
The leaked data contains a collection called “Internal Audit” with a size of 16.6GB, and another called “Finance_ER” totalling 18GB. The most recent data, according to the researchers, comes from July 2020.
Intcomex’s website says the company serves more than 50,000 resellers in over 41 countries. Most of them are based in Latin America and the Caribbean. CyberNews.com says that since the data breach was reported to Intcomex, the thread with the leaked data online has been deleted, meaning a ransom was paid of the leaker abandoned the plan.