Cyber Incident Victim: Ground(ctrl)
Date:
May 2014
Location:
United States of America
Summary
Ground(ctrl), a company which builds social networking sites and other services for musicians, begins notifying an undisclosed number of users that their personal information may have been exposed when the companys network was hacked.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Ground(Ctrl) is a cloud infrastructure provider that offers Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Desktop as a Service (DaaS). The company's clients include businesses, startups, and government agencies. On May 7th, 2014, Ground(Ctrl) reported that it had suffered a cyber attack in which an unauthorized party gained access to its systems and exfiltrated sensitive data. According to the company's statement, the attackers used a technique known as "exfiltration from application server" to steal data from Ground(Ctrl) clients. The motive for the attack was believed to be financial in nature, with the attackers targeting sensitive information such as credit card numbers and bank account details. In response to the incident, Ground(Ctrl) took steps to contain the damage and protect its customers' data, including notifying affected parties and providing them with additional security measures. The company also launched an investigation into the incident and worked closely with law enforcement agencies to identify and apprehend the attackers.