462 GB of data from strategically important company Bureau van Dijk hacked and stolen

Bureau van Dijk is a company that collects and processes information about private companies to make optimal decisions and improve the efficiency of its clients. The company is also the largest publisher of business information and specializes in private company data and analysis software.

Bureau van Dijk is part of Moody's Analytics. Orbis is considered the flagship database of the company.

On May 15, 2017, announced that Moody's had entered into a definitive agreement to acquire Bureau van Dijk.

The data of the Bureau van Dijk that collects information on private companies have been stolen and put up for sale! Millions of clients and all those connected with the company are at risk.

Okay, let's figure out how this could happen and what threatens such daring data theft.

What data is for sale?

In a post, the black seller wrote that Bureau van Dijk's product range combines data from regulatory and other sources, including 160 information providers with software that allows users to manipulate data for various research needs and apps.

He is right: the company is indeed a strategically important site for clients from all over the world

As you can see, Bureau van Dijk is in great demand in many countries in Europe, America, and Asia.

The hacker provided evidence that the database contained the following data:

• customer phone numbers
• addresses
•  information about companies' analysis by Bureau van Dijk
•  location, etc.

The author also warned potential buyers that many scammers in the dark forum could take advantage of this database and use it for their selfish purposes.

Interestingly, the author who warns about scammers is himself a real scammer and sells the personal information of innocent people.

Stealing data of a strategic company: what will happen next?

Yes, Bureau van Dijk is not to be envied now. The organization might lose the trust of its many customers.

Although, we do not exclude the possibility that a former Bureau van Dijk employee could put up such valuable information for sale due to personal motives.

One way or another, the information provided on the black forum can cause severe damage to the company's clients because third parties can use the published data for blackmail or extortion of money.

As you can see, even such strategically important organizations cannot always withstand attacks from hackers.

We hope that none of our readers will end up in this leaked database.

However, if you have already become the victim of hacker attacks, read my recommendations to have a clear plan of action and know what to do next time.

What if your data is a hack?

So, I have prepared “first aid” for you in case of hacking and theft of your data:

•  The very first thing you should do is block all your bank accounts. Call the bank branch or block your credit cards in the bank's mobile application (if the app is available)
•  Change your phone number, email, and passwords in all messengers
•  Refuse to use unprotected browsers (Google Chrome, Opera, etc.) and use private browsers and search engines to access the Internet
•  If your reputation or property has suffered ─ contact the police immediately!

Author

Darina Shramko

Cybersecurity specialist and researcher.