Hackers claim to hack Resecurity, firm says it was a honeypot

Threat actors associated with the “Scattered Lapsus$ Hunters” (SLH) claim to have breached the systems of cybersecurity firm Resecurity and stolen internal data, while Resecurity says the attackers only accessed a deliberately deployed honeypot containing fake information used to monitor their activity.

As proof of their claims, the threat actors published screenshots they allege were stolen from Resecurity, including what appears to be a Mattermost collaboration instance showing communications between Resecurity employees and Pastebin personnel regarding malicious content hosted on the text-sharing platform.

Resecurity disputes the threat actor’s claims, stating that the allegedly breached systems are not part of its legitimate production infrastructure but were instead a honeypot designed to attract and monitor the threat actors.

The company says it populated the honeypot with synthetic datasets designed to closely resemble real-world business data. These included more than 28,000 synthetic consumer records and over 190,000 synthetic payment transaction records, both generated from Stripe’s official API format.

To read the complete article see: Link to Article.