The notorious Black Basta ransomware group has struck again, targeting five new victims and adding them to their dark web portal. Among the alleged organizations affected are Goodin Abernathy LLP, Scullion LAW, Franz Carl Weber AG, Haas Inc., and Alan Ritchey, Inc.
Among the listed victims, the Black Basta ransomware attack on Goodin Abernathy LLP, a prominent law firm based in Indianapolis, has caused a stir in legal circles. The alleged data breach has exposed a staggering 455 GB of sensitive organizational data. This includes confidential agreements, personal employee information, case data, and various company and user data folders.
Black Basta Ransomware Attack: 5 New Victims Added
Similarly, Franz Carl Weber AG and Scullion LAW have also fallen victim to this Black Basta Ransomware attack.
The threat actor’s post reveals the extent of the breach, with Franz Carl Weber AG reportedly having 705GB of data compromised, while Scullion LAW had 155 GB exposed. Both organizations, renowned in their respective fields, were added to the dark web portal operated by the threat actor.
Additionally, Haas Inc. and Alan Ritchey, Inc. have been targeted, with the former experiencing a breach involving 498 GB of data. Haas Inc., a well-established concrete and excavation company in Central Wisconsin, now grapples with the fallout of compromised user data, accounting files, legal documents, and HR records.
The Cyber Express reached out to all the listed entities mentioned by the threat actor, but as of the time of reporting, no official statements or responses have been provided. Consequently, the claims regarding the Black Basta ransomware attack remain unverified.
Recent Attacks Orchestrated by the Black Basta Ransomware Group
Interestingly, the websites of the affected organizations appeared operational, showing no immediate signs of the cyber assault. This suggests that the ransomware group may have targeted the backend systems or databases rather than executing a front-end attack like DDoS or defacements.
These recent incidents highlight the growing threat posed by ransomware groups like Black Basta. In a related development, the Black Basta and Bl00dy ransomware gangs were recently implicated in a series of attacks targeting ScreenConnect servers.
These attacks exploited a critical flaw (CVE-2024-1709), allowing threat actors to create admin accounts, delete existing users, and seize control of vulnerable instances. ConnectWise, the company behind ScreenConnect, has since released security updates to address the vulnerability.
Furthermore, in a separate incident earlier this month, Hyundai Motor Europe was hit by a Black Basta ransomware attack. The threat actors behind the attack claimed to have absconded with three terabytes of corporate data, highlighting the far-reaching impact of these cyber threats on businesses across various industries.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.