ALPHV/BlackCat Claims Hirsch Bedner Associates Data Breach


In yet another cybercrime incident, multinational interior design firm Hirsch Bedner Associates (HBA) has fallen victim to the ALPHV/BlackCat ransomware group.

The hacker group has claimed the Hirsch Bedner Associates data breach, saying it has gained access to a massive 1TB of the company’s critical data.

The ALPHV ransomware group made the announcement about the Hirsch Bedner Associates data breach on 21 July, boasting about their extensive infiltration into HBA’s network.

According to their post, the hackers have been stealthily lurking within HBA’s system for a considerable period, meticulously studying the firm’s business operations. 

Hirsch Bedner Associates data breach explained

[Image: Hirsch Bedner Associates data breach. Source: Leak site, ALPHV/BlackCat ransomware group]

They assert that their expert team has even implanted a potent backdoor, providing them with the means to re-enter the network at any given time and execute their nefarious plans at will.

The Cyber Express has reached out to the design firm to learn more about the alleged Hirsch Bedner Associates data breach. However, at the time of writing this, no official statement or response has been received.

The gravity of the situation escalates further as the ransomware group threatens to publicly release all the stolen data from the Hirsch Bedner Associates data breach if their demands are not met.

With their blog boasting a vast following, including prominent media outlets, the potential fallout from the Hirsch Bedner Associates data breach could be devastating to HBA’s reputation and overall business operations.

In a similar vein, the recent data breaches affecting various online platforms have only highlighted the growing cyber threats faced by businesses and individuals alike.

Bitdefender reported a disturbing data breach in 2020, where a data breach broker leaked 1.3 million user records from the interior design platform Havenly on a dark web hacking forum.

“ALPHV emerged in November 2021 as a ransomware-as-a-service that some researchers have claimed is the successor to BLACKMATTER and DARKSIDE ransomware,” said a report by Mandiant.

“While some ransomware operators enacted rules to avoid impacting critical infrastructure and health entities, ALPHV has continued to target these sensitive industries.”

In contrast to numerous ransomware threats, ALPHV sets itself apart as it was created using Rust, a programming language renowned for its swift execution and ability to function across multiple platforms.

As a result, researchers identified versions compatible with both Linux and Windows systems during the period between December 2021 and January 2022.

Cyber attacks on interior design firms

Apart from the Hirsch Bedner Associates data breach, there have been many incidents involving interior design firms. In a previous attack, ShinyHunters, a well-known seller of stolen data, listed several databases on the dark web.

In one of their exploits, they exposed over 386 million user records from 18 companies, including prominent names like Promo.com and Dave.com.

Among these breaches, the Havenly incident raised concerns as the company remained tight-lipped until recently when it finally disclosed the breach and alerted its customers.

While the leaked data samples did not confirm the extent of the compromise, it was revealed that usernames, full names, MD5 hashed passwords, email addresses, phone numbers, and other related information were at risk.

In response, Havenly swiftly implemented a password reset for all customers and urged them to practice better password management across online platforms.

Fortunately, Havenly reassured its affected customers that it does not store complete credit card information.

This alleviates the immediate threat of credit card fraud but doesn’t eliminate the risk of phishing attempts targeting customers for further personal and financial information.
