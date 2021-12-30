A group of Russian hackers named C10p launched a supply chain attack against the IT service provider of Dacoll, a company that manages access to the National Police Computer (PNC), a database containing information on millions of people.

C10p demanded a ransom for the stolen data and after Dacoll’s refusal, the hackers published an extract of the confidential information.

However, after threatening to release all the information, they disappeared, which leads one to wonder if the authorities took action against the hackers or they sold the databases to the highest bidder.

Hacking the supply chain

The data stolen and uploaded to the ‘dark web’ from the UK Police include traffic camera footage that was stolen from Dacoll’s systems via a link from phishing.

The attack appears to be on the supply chain, similar to the Kaseya MSP and SolarWinds cases.

These types of cyberattacks have been increasing in popularity in the world of hackers. “Cyberattacks against software supply chain targets that exploit weaknesses in open source ecosystems have increased 650% year-on-year in 2021.” according to a report by the company Sonatype.

