Xtium, a managed service provider (formerly known as ATSG) focusing on AI-powered IT infrastructure, security, and cloud solutions, has allegedly been compromised in a massive extortion campaign. A threat actor claims to have breached the company’s network and maintained undetected access to their Veeam backup instances for approximately eight months. According to the forum post, after initial extortion negotiations with Xtium management stalled, the attacker breached the network a second time ten days later. The actor is now listing the stolen data for sale and actively soliciting Xtium’s clients directly, offering to delete their specific backups in exchange for payment.
According to the actor, the 485.8TB of allegedly compromised data includes:
-
480TB of client Virtual Machine (VM) backups obtained from a compromised Veeam instance.
-
Client file-level restore data.
-
5.8TB of internal Xtium and client TeamShares data extracted from Synology ShareSync.
Daily Dark WebRead More
R1
T1
