Technology products supplier Intcomex hacked, 1TB of data stolen


Technology products supplier Intcomex Corp. has suffered a data breach and about a terabyte of its user data was released on a hacking forum.

First reported by Cybernews today, the leaked data included credit card details, passport numbers, license scans, personally identifiable information, payroll data, financial documents, customer details, employee information and more.

Parts of the data were first released for free on a Russian hacking forum Sept. 14, with more released Sept. 20. Those behind the hack are promising to release even more data in the future.

Intcomex hasn’t formally disclosed the data breach on its website, but the company did confirm the hack to Cybernews. In a tick box of standard responses, Intcomex said it had taken steps to address the situation, had “engaged third-party cybersecurity experts to assist us in the investigation and… implemented additional enhanced security measures. We also notified law enforcement. We are notifying affected parties as appropriate.”

The company is based in Miami, Florida, but offers services both in the U.S. and abroad. Although Florida doesn’t have any disclosure laws, California does. And though it’s not clear if it has clients in California, it’s arguably poor form not to disclose the details of a data breach publicly regardless of local legal requirements to do so.

“The bottom line is no company or industry is immune to cyberattack,” Adam Laub, general manager of data access governance firm Stealthbits Technologies Inc., told SiliconANGLE. “While it seems more of an inevitability than anything else at this point, the probability of successful breach and compromise at tremendous scale like this is really what organizations are somewhat in control of.”

Erich Kron, security awareness advocate at security awareness training firm KnowBe4 Inc., noted that not only is the volume of leaked data significant but the sensitivity of the contents