ALPHV ransomware group named the internationally known ITM and ATM solutions provider QSI Inc. as its victim. Quality Service Installation (QSI), Inc. is among the largest financial resellers of NCR products and offers full-service bank equipment solutions. The QSI Banking cyberattack claim by the BlackCat ransomware group could mean a significant amount of sensitive data from various sectors being exposed to them, if true.

NCR Corporation is known as a leader among technology platforms that allow self-directed banking through software, hardware, and other services to banks, retailers, businesses, and, restaurants.

The QSI Banking cyberattack was not confirmed by the firm however, has been reported by cybersecurity researchers based on the dark web announcement.

QSI Banking Cyberattack by BlackCat Group

Cybersecurity Analyst Dominic Alvieri tweeted about the QSI Banking ransomware attack with screenshots from the website of the BlackCat/ ALPHV ransomware group.

Hackers from the ALPHV ransomware group posted about the QSI Banking ransomware attack on October 14, 2023.

In a tweet, Dominic wrote, “BlackCat posts QSI Banking, Inc. with an extensive list of affected banks. /qsibanking[.]com.” The website of QSI Banking was accessible at the time of writing. The Cyber Express emailed the firm for comments about the QSI Banking ransomware attack. We are yet to receive a response.

Data Breached During the QSI Banking Hack

BlackCat stated that they exfiltrated financial, client, and work-related data from the QSI INC cyberattack. They also compromised personal data and development information from the QSI INC hack.

Moreover, they claimed that they stole SQL base data amounting to 5TB from the QSI Bank hacking.

Among the affected banks after the QSI Bank hacking were –

1. Wesbanco Bank, Inc.
2. First Financial Bank
3. Stock Yards Bank & Trust Company
4. German American bank
5. State Employees CU of Maryland, Inc (SECU)
6. First Financial Bank, National Association
7. Union Savings Bank
8. National Cooperative Bank, N.A.
9. Civista Bank
10. Mvb Bank, Inc

A list of other impacted banks due to the QSI Inc cyberattack was named alphabetically in the post by the BlackCat ransomware group. The authenticity of the same is yet to be verified.

The QSI Inc ransomware attack could be rooted in the NCR corporation cyberattack claimed by BlackCat previously in April 2023.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Related