Exploit: Ransomware
Mercado Libre: E-commerce & Payments
Risk to Business: 1.872 = Severe
E-commerce giant Mercado Libre has confirmed that an unauthorized party accessed its systems last week, snatching up a part of its source code. The ransomware gang Lapsus$ has claimed responsibility. Mercado admitted that threat actors had accessed data of around 300,000 of its users but stopped short of disclosing that this was a ransomware attack, clarifying what data was stolen or sharing ransom demands. The company said that they do not believe “any users’ passwords, account balances, investments, financial information, or credit card information were obtained”.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Customers’ Business Ransomware gangs have been quick to snatch data from large repositories, especially personal data or payment card information.
Source: Bleeping Computer