Iron Mountain Data Breach Claimed by Everest Extortion Group

Iron Mountain, a records management and data storage company, reports a data breach after the Everest extortion group claimed to have stolen sensitive files. 

The group used compromised credentials to access a public-facing file-sharing server used for vendor communications. Iron Mountain claims that the Everest operators did not deploy ransomware or malware during the intrusion. Apparently the breach was restricted to this isolated environment, and the company's core infrastructure remained secure. The attackers remained undetected until the data was posted on the Everest leak site.

The company confirmed the following data was compromised:

• Marketing materials shared with third-party vendors

The Everest ransomware group claims additional data types were stolen:

• Internal company documents
• Personal documents and information on clients

The group claims to have stolen 1.4 TB of data. The number of affected individuals is not disclosed. 

The organization deactivated the compromised credentials, have since vetted the file-sharing server and confirmed that no other systems were breached. No external security firms or victim services were mentioned in the initial response.