The notorious Black Basta ransomware group has once again made headlines, targeting five new victims and adding them to their dark web portal. Among the affected organizations are Goodin Abernathy LLP, Scullion LAW, Franz Carl Weber AG, Haas Inc., and Alan Ritchey, Inc.
One of the most significant victims of this recent attack is Goodin Abernathy LLP, a prominent law firm based in Indianapolis. The data breach suffered by the firm has exposed a massive 455 GB of sensitive organizational data, including confidential agreements, personal employee information, case data, and various company and user data folders.
In addition to Goodin Abernathy LLP, Franz Carl Weber AG and Scullion LAW have also fallen prey to the Black Basta ransomware attack. The breach at Franz Carl Weber AG resulted in 705GB of compromised data, while Scullion LAW had 155 GB exposed. Both organizations, well-known in their respective industries, were included in the dark web portal operated by the threat actor.
Furthermore, Haas Inc. and Alan Ritchey, Inc. were also targeted in this cyber attack. Haas Inc., a reputable concrete and excavation company in Central Wisconsin, had 498 GB of data compromised. The breached data includes user data, accounting files, legal documents, and HR records.
Despite attempts to reach out to the affected entities, no official statements or responses regarding the ransomware attack have been received at this time. The validity of the claims made by the Black Basta ransomware group remains unverified.
It is interesting to note that the websites of the affected organizations appear to be operating normally, indicating that the ransomware group may have focused on attacking backend systems or databases rather than executing front-end attacks like DDoS or defacements.
These recent incidents serve as a stark reminder of the increasing threat posed by ransomware groups such as Black Basta. In related news, both Black Basta and Bl00dy ransomware gangs were recently linked to a series of attacks targeting ScreenConnect servers. These attacks exploited a critical vulnerability (CVE-2024-1709) to create admin accounts, delete existing users, and take control of vulnerable instances. ConnectWise has since released security updates to address the vulnerability.
Moreover, Hyundai Motor Europe was also a recent target of a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data. This incident underscores the widespread impact of cyber threats on businesses across various industries.
In conclusion, the recent spate of ransomware attacks orchestrated by the Black Basta group highlights the urgent need for enhanced cybersecurity measures to protect organizations from such malicious threats. It is essential for businesses to stay vigilant and implement robust security protocols to safeguard their sensitive data and operations from cyber criminals.