Attacks against vulnerable Jira ticketing system servers around the world have been deployed by the HellCat ransomware-as-a-service operation to compromise Schneider Electric, Telefónica, Orange Group, Jaguar Land Rover, and Affinitiv, reports BleepingComputer.
Such a development comes as Swiss global solutions provider Ascom disclosed having its technical ticketing system compromised in a cyberattack claimed by the HellCat group to have led to the theft of nearly 44 GB of data. Additional details regarding the intrusion were not provided but such an intrusion is believed to have also involved the Jira ticketing system. HellCat's intrusion against JLR, which was facilitated by credentials stolen from an LG Electronics employee, has resulted in the exposure of almost 700 internal files while the most recent Affinitiv attack was noted to have resulted in the exfiltration of a database with over 470,000 emails and over 780,000 records. Jira "has become a prime target for attackers due to its centrality in enterprise workflows and the wealth of data it houses," said Hudson Rock co-founder and Chief Technology Officer Alon Gal.
