A hacking group that claimed responsibility for leaking sensitive documents from a Century City investment bank threatened Tuesday to divulge more data if the firm failed to pay a ransom.
Seventeen files dated as recently as this month surfaced online last weekend, including background checks listing the Social Security numbers of at least five individuals and confidential details about private stock offerings related to Facebook Inc. and other companies. An entity describing itself as thedarkoverlord said the documents came from WestPark Capital Inc., which helps small companies with acquisitions and fundraising.
WestPark and its chief executive, Richard Rappaport, didn’t respond to requests for comment.
But the CEO of a company referenced in two leaked files said those documents appear legitimate. Jonathan Greenburg, who runs sleep apnea and snoring products maker Zyppah, declined to comment further because he hadn’t heard of the breach until advised by The Times. A representative for a second company named in the files echoed Greenburg’s comments.
Extortion is a common tactic employed by hackers in Eastern Europe, cybersecurity experts say. Hackers generally expect a bigger payout from victims than they would get from selling stolen personal information on the black market because of the sentimental value that people place on digital photos and other files.
The WestPark incident stands out, though, because stealing files is an old-school method that requires more effort than today’s popular approaches. Over the last decade, digital extortionists have gravitated toward easy-to-deploy programs known as ransomware that lock up a victim’s files until the attacker gets an electronic payment.
John Bambenek, threat systems manager at protection vendor Fidelis Cybersecurity, said the ransom demand could exceed $1 million. WestPark must determine whether the purported thief has more data and what harm publication could cause, he said. The hacker may be hoping that WestPark’s business partners apply pressure on the firm to pay.
In an email, thedarkoverlord declined to comment on how it got into the bank’s system. An FBI spokesperson wouldn’t say if the bureau is aware of the incident, but a law enforcement source says a federal investigation is underway.
Times staff writer Richard Winton contributed to this report.