Brasilian Based Cloud Storage & IT Solutions Firm Tivit Compromised by Massive Data Breach

In news first brought to my attention via Defcon Lab on December 12th 2018, various databases and cloud storage servers belonging to Tivit, a Brasilian based IT solutions and network storage provider, were hacked/compromised by unnamed assailants. In a series of leaks across Twitter over a 5 day time period, between December 7th-12th 2018, the login user names and credentials to more than a dozen Tivit cloud storage clients/accounts were dumped online. At the present moment in time no one has claimed responsibility for the hack, and it appears as though though the Twitter handle used to leak the information online (@infoleakbr) was created earlier this month exclusively for this very purpose.

About the incident in question, as was explained by Defcon Labs, “São quase mil linhas de código que aparentam conter rotinas internas da empresa, além de credenciais de acesso de diferentes clientes empresariais de grande porte.” Adding that “Os dados parecem ser documentação de processo interna da própria empresa, sendo incerto se foram produto de uma ação ofensiva ou publicados involuntariamente por equívoco.” You can view all the leaks in their entirety below.

Translation:

About the incident in question, as was explained by Defcon Labs,”there are almost a thousand lines of code that appear to contain internal company routines, as well as access credentials of different large enterprise customers.” Adding that “The data seem to be internal process documentation of the company itself, and it is uncertain whether they were the product of an offensive action or published involuntarily by misunderstanding.” You can view all the leaks in their entirety below.

Identifiable Clients Exposed By The Breach:

CIP – hxxps://www.cip-bancos.org.br/SitePages/Home.aspx
BROOKFIELD ENERGIA – hxxps://renewableops.brookfield.com/en/presence/latin-america
JMACEDO – hxxp://www.jmacedo.com.br/
MULTIPLAN – hxxp://multiplan.com.br/
BRASKEM – hxxps://www.braskem.com.br/
BANCO ORIGINAL – hxxps://www.original.com.br/
FABER – hxxp://www.faber-castell.com.br/
SAE – hxxp://portal.saebrasil.org.br/
MITSUI – hxxps://www.mitsui.com/br/en/index.html
ZURICH – hxxps://www.zurich.com.br/
KLABIN – hxxps://www.klabin.com.br/en/home/
VOTORANTIM – hxxp://www.votorantim.com.br/
SEBRAE – hxxp://www.sebrae.com.br/sites/PortalSebrae

Raw Client Credentials Leak: https://pastebin.com/7RZCj45S
Database File Download 1 (18.31 MB): https://anonfile.com/M7ObI0k1b0/Leak_zip
Database File Download 2 (617.68 KB): https://anonfile.com/X6Vbpanfb3/KBA00052701-TOPOLOGIA_DE_REDE_CHEQUE_LEGAL_SP_RJ_v344_pdf
Database File Download 3 (266.83 KB): https://anonfile.com/i5W0pan9bb/KBA00051808-Topologia-CIP_Ambiente_STD_pdf
Email Database Download (149.69 MB): https://bayfiles.com/76Jej8lbbf/Emails_7z



Categories: Hacking News

Tags: , , , , , ,

Leave a Reply

Do NOT follow this link or you will be banned from the site!
%d bloggers like this: