The group of threat actors calling themselves ‘Justice Blade’ published leaked data from Smart Link BPO Solutions, an outsourcing IT vendor working with major enterprises and government agencies in the Kingdom of Saudi Arabia and other countries in the GCC.
The bad actors claim to have stolen a significant volume of data, including CRM records, personal information, email communications, contracts, and account credentials.
The same day, Justice Blade also set up a Telegram account with a private communications channel. On the screenshots and video leaked by the attackers – the incident could have happened as a result of targeted network intrusion affecting Active Directory and internal applications and services.
The bad actors also released screenshots of active RDP sessions and Office 365 communications between various companies from within the region, and several lists of users presumably related to FlyNas (airlines company) and SAMACares (initiative managed by Saudi Arabia Central Bank) containing over 100,000 records.
