In a significant cybersecurity incident, a Brazilian national has been charged in the United States for allegedly threatening to publicly disclose data obtained through hacking. The individual, identified as Junior Barros De Oliveira, 29, from Curitiba, Brazil, faces multiple counts related to extortion and threatening communications, according to an unsealed indictment from the U.S. Department of Justice this week.
The target of this breach was the Brazilian subsidiary of a New Jersey-based organization, which reportedly fell victim to unauthorized access facilitated by De Oliveira. It is alleged that the perpetrator accessed the company’s network on at least three occasions, successfully stealing confidential information pertaining to approximately 300,000 customers.
De Oliveira’s extortion campaign began in September 2020, when he reportedly emailed the company’s CEO under an alias and threatened to release the stolen data unless a ransom of 300 bitcoin (equivalent to around $3.2 million at the time) was paid. This was the first of the threatening communications, a tactic identified in the MITRE ATT&CK framework under the “Data Destruction” technique.
A month after his initial threat, the defendant escalated his extortion attempts by forwarding the ransom demand to both the CEO and an executive at the subsidiary. In follow-up correspondence, he expressed a willingness to help the company resolve its security issues, but demanded a consulting fee of 75 bitcoin (approximately $800,000 at the time) and provided details on how to transfer the funds to a Bitcoin wallet.
This cyber incident illustrates potential tactics noted in the MITRE ATT&CK Matrix, particularly initial access methods such as exploiting software vulnerabilities or utilizing phishing attacks to gain entry into the organization’s systems. Furthermore, the incident highlights the risk of privilege escalation, where attackers gain higher-level access through stolen credentials or compromised accounts to infiltrate further into the organization’s network.
Each count of extortion carries harsh penalties, including a maximum of five years in federal prison, alongside substantial fines. Such cases serve as critical reminders of the growing threats in the cybersecurity landscape that business owners must navigate to protect sensitive data effectively.
In light of this incident, it is paramount for businesses to review their cybersecurity posture, ensuring robust defenses are in place against similar threats. Companies must remain vigilant in their preparedness to address potential breaches and consider proactive measures such as regular security assessments and employee training to mitigate risks effectively.
As cybersecurity threats continue to evolve, awareness and action are key components of any effective defense strategy. Business owners should remain informed of these developments in order to better protect their organizations against the increasing number of cyber-attacks targeting sensitive information.