Yellow Pages Group, a Canadian directory publisher, has confirmed that it suffered a cyber attack and data breach. The Black Basta ransomware and extortion group claimed responsibility for the attack and posted sensitive documents and data over the weekend, including ID documents, tax documents and sales and purchase agreements.
Franco Sciannamblo, YP’s Senior Vice President Chief Financial Officer, confirmed that personal information from servers containing YP employee data and limited data relating to business customers was stolen. The attack appears to have taken place on or after March 15th, 2023.
Yellow Pages largely collects and provides public data, but they still hold personal or private corporate data. The ransomware group has quickly moved into action over the past year, sometimes posting multiple high-profile victims at once on its data leak portal.
Cybersecurity analysts have theorized Black Basta to be a rebrand of Conti ransomware gang based on its negotiation tactics. Earlier this month, Black Basta claimed responsibility for a cyber attack on Capita, a UK-based professional outsourcing provider.
Last year, Black Basta hacked Canadian food retail giant Sobeys, causing IT issues and point-of-sale (POS) kiosks to malfunction.
As soon as the attack was discovered, YP immediately commenced a thorough investigation with the assistance of external cybersecurity experts to contain the incident and ensure that they had secured their systems. They are notifying impacted individuals and reporting to all appropriate privacy regulatory authorities regarding this incident.
Substantially all of their services have now been restored.
