Massive Intcomex Data Breach

NOTICE: If you are a customer or user of Intcomex and/or have received a NOTICE OF DATA BREACH, contact the Arnold Law Firm at (916) 777-7777.

blue cables at back of computer serverOn September 14, 2020, an initial installment of data stolen from technology products supplier Intcomex Corp. (Intcomex) was offered for free on a popular Russian hacking forum. The first data leak was a collection called “Internal Audit” (16.6GB), followed by a second batch titled “Finance ER” (18GB) that was released on September 20, 2020. Based on the folder names, the most recent data was from July 2020.

The leaker promised to release the entire stolen 1TB database in segments over an undisclosed period of time.

Security experts speculate that the public data leak was provoked by a failed ransom negotiation, based on a now-deleted forum thread from the Russian hacker. The leaker remarked that data would be made available in installments starting with the simplest information and finishing with the most “interesting” -- presumably the most sensitive and potentially valuable to hackers.

Experts also think the security incident may be an attack linked to LockBit ransomware, self-spreading code that requires only a few hours of network access for hackers to accomplish extensive file access without detection. Normally, a hacker needs network access for days or weeks to manually obtain a volume of sensitive data.

According claims on the hacking forum, stolen information includes:

  • first and last names
  • addresses
  • full credit card numbers
  • expiration dates
  • verification codes (CVVs)
  • passport scans
  • driver’s license scans
  • dates of birth
  • payroll information
  • social security numbers and card scans
  • other personally identifiable data
  • accounting and finance documents
  • customer databases
  • employee information
  • bank documents

Intcomex has not yet formally disclosed the data breach, but the Miami-based technology company has confirmed the hack to media sources. Intcomex claims to have taken steps to address the security incident and has alerted law enforcement. They are currently notifying affected parties “as appropriate,” but a sample data breach notice has not yet been published. Intcomex has not confirmed that a ransom was demanded nor paid.

Founded in 1988, Intcomex provides technology products and services through its 14 subsidiaries in the United States, Latin America, and the Caribbean. The company distributes computer systems and components, mobile devices, software, accessories, and cloud technology solutions for over 50,000 resellers in more than 41 countries. Intcomex estimated annual revenues exceed $241 million USD.

The Arnold Law Firm will continue to monitor this data breach and provide updated information as our investigation continues.

If you are a customer or user of Intcomex and/or have received a NOTICE OF DATA BREACH, contact the Arnold Law Firm at (916) 777-7777 to discuss your situation and possible legal options.