In the type of attack we have been subjected to, the perpetrator often has two ways to extort a company: to damage the business by encrypting data, and to exfiltrate data, which means they take sensitive data with the possibility of publication.

In our case, we know that the perpetrator encrypted data we have stored in our administrative environments, while the trading platform itself is completely unaffected. We also know that the perpetrator accessed a very small part of the data that has existed.