Canadian directory publishing entity Yellow Pages has officially confirmed that it has fallen victim to a cyberattack. The Black Basta ransomware group claims the credit for the attack.
Yellow Pages Group currently owns and operates the websites YP.ca and YellowPages.ca, in addition to the online service Canada411. In Québec, Ontario, Manitoba, Alberta, British Columbia, the Territories, and Atlantic Canada, YPG is the incumbent directory publisher.
Threat Actors Stole Data from Clients and Employees. While services like the Yellow Pages do provide a lot of publicly available information, that doesn’t mean they don’t also have access to sensitive company data or private customer information.
Black Basta ransomware group has released a sample of documents containing personal information. These may include, but are not necessarily limited to:
- ID documents exposing people’s date of birth and address
- Tax documents—exposing Social Insurance Number (SIN)
- Sales and purchase agreements
- ‘Accounts Receivable’ spreadsheet dated February 28, 2023
- Budget and debt forecast dated December 2022.
The company has been informing affected parties and reporting to relevant privacy regulatory authorities. Almost all of their services are back up and running at this point.
The cyber attack likely occurred on or after March 15th, 2023, as evidenced by the dates on the few leaked documents analyzed by the publication, particularly the most recent ones.