Black Basta-claimed cyberattack confirmed by Yellow Pages Group

BleepingComputer reported that Canadian directory publisher Yellow Pages Group admitted having its servers compromised by a cyberattack that was claimed by the Black Basta ransomware group. Black Basta also leaked a sample of data, including ID documents with birthdates and addresses, tax files with Social Insurance Numbers, an "Accounts Receivable" spreadsheet dated Feb. 28, 2023, budget and debt forecast dated December 2022, and sales and purchase deals. An investigation into the incident launched by YP revealed that its servers may have been compromised on or after March 15, with attackers obtaining personal information from the company's employees and some details from its business customers. "We have been notifying impacted individuals and reporting to all appropriate privacy regulatory authorities regarding this incident. Substantially all of our services have now been restored," said YP Senior Vice President and Chief Financial Officer Franco Sciannamblo. The attack on YP comes weeks after Black Basta claimed to compromise U.K.-based professional outsourcing provider Capita.