A dark web actor named “komarod” is claiming credit for a June 8 Shadow PC data breach, allegedly stealing data from the UK-based cloud service provider. The Shadow PC cybersecurity incident has raised concerns about the security of Shadow’s systems and the safety of user data.
The leaked database shared on an English-language cybercrime forum called Leakbase contains a staggering 545,014 records. These records encompass a range of data fields such as ID, email, first name, last name, user creation date, and billing address, all encapsulated in a JSON format.
Understanding the Shadow PC Data Breach Claims
Shadow.tech, a cloud computing service developed by the French company Blade, has been at the forefront of innovative cloud technology, offering users the capability to run video games and other Windows software applications remotely on Windows 10 servers. This service, acquired by OVHcloud founder Octave Klaba in 2021, has garnered significant attention in the IT & ITES industry.
The impact of the Shadow PC data breach extends to both Shadow.tech and its parent company, Blade. With the leak affecting users primarily in the United Kingdom and across Europe, concerns about the safety of personally identifiable information (PII) have heightened.
While the cyberattack has yet to be officially confirmed by Shadow.tech or Blade, the threat actor’s post on the cybercrime forum indicates a breach in the system’s security defenses. The lack of an official statement or response from the organization has left the claims regarding the Shadow data breach unverified.
Previous Shadow.tech Cybersecurity Incidents
Interestingly, despite the Shadow PC data leak, the website remains operational, showing no immediate signs of a cyberattack. This suggests that the hacker group may have targeted the backend of the website, focusing on data extraction rather than launching a front-end assault such as a DDoS attack or website defacement.
However, this is not the first time Shadow.tech has faced cybersecurity challenges. In a previous incident in 2023, the company experienced a similar breach where customer data was compromised due to a social engineering attack against one of its employees. Over half a million customers were potentially impacted by the breach, raising concerns about the security measures in place at Shadow.
CEO Eric Sele, while acknowledging that breach, refrained from disclosing the exact number of individuals affected. Despite claims from the threat actor regarding the sale of stolen data on a cybercrime forum, the company remained tight-lipped about the specifics of the breach and its implications for customers.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
