TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)
Summary
The TeamPCP supply chain campaign continues with new developments, including Databricks investigating a potential compromise and TeamPCP running dual ransomware operations. AstraZeneca data has also been released as part of this ongoing campaign, which has now shifted focus to monetization.
IFF Assessment
This article details an active threat campaign involving supply chain compromise, ransomware, and data exfiltration, posing significant risks to organizations.
Defender Context
Defenders should remain vigilant regarding supply chain attacks, as compromised tools can lead to widespread impact. The dual ransomware operations and data releases highlight the multifaceted monetization strategies employed by threat actors, necessitating robust incident response and recovery plans.