A California investment bank appears to have been targeted by hackers, who reportedly stole and leaked sensitive internal documents, as part of an apparent elaborate extortion scheme. The hacker/hacker group going by the name The Dark Overlord leaked the internal files after their initial ransom offer was rejected by the bank's CEO.
The hackers have already leaked around 20 internal files online from Los Angeles-based WestPark Capital, as retaliation for the bank's CEO not accepting their "handsome proposal". The Dark Overlord wrote in a post on Pastebin: "WestPark Capital is a 'full service investment banking and securities brokerage firm' whose CEO, Richard Rappaport, spat in our face after making our signature and quite frankly, handsome, business proposal and so our hand has been forced."
The leaked files include internal presentations, non-disclosure agreements, internal reports and contracts. One of the leaked documents includes a signed agreement from an unnamed company. The legitimacy of the contents of this particular document has been confirmed by the firm, indicating that the hackers may indeed have breached the bank's network.
The Dark Overlord has also been recently implicated in a series of US healthcare hacks. The hacker/hackers claimed to have put troves of healthcare records, including personal details like names, address and SSNs (Social Security Numbers) of scores of patients, on sale on the popular dark web marketplace – The Real Deal.
"We made a handsome proposal to Mr Rappaport that would involve us withholding this news. However, Mr Rappaport chose to not cooperate with us in what could have been a very clean and quiet business opportunity for himself," a spokesperson for The Dark Overlord told Motherboard.
The hackers' exploits first came to light in June, after they listed a series of alleged patient records from various healthcare organisations for sale on the dark web. In these cases, the hackers would steal sensitive data, with the primary intention of extorting a ransom from the victims, with the assurance that the firm's data would not be leaked and/or sold if the ransom was paid.
It appears that the hackers may be following a similar approach in extorting WestPark Capital. The hackers said: "We are open and available for further communications with Mr Rappaport if he chooses to mitigate what may be to come."