Contents:
Moncler, an Italian luxury fashion brand, disclosed that it experienced a data breach after ALPHV, also known as BlackCat ransomware gang files managed to steal its files in December. According to BleepingComputer, the stolen data was leaked on the dark web this week.
What Is BlackCat Ransomware?
This relatively new ransomware organization, which appeared at the end of last year, has the potential to be the most advanced ransomware of 2021, with a highly adjustable feature set that allows for attacks on a wide range of corporate setups.
The ransomware executable is written in Rust, a programming language that, while not frequently used by malware developers, is gaining popularity because of its high efficiency and memory safety.
More on the Moncler Ransomware Attack
The ransomware attack occurred at the end of 2021 when the fashion giant announced a disruption in its IT services but promised that the shutdown would only be temporary.
The company issued a brief update on the situation at the beginning of this month, confirming that “logistics activities related to the shipping of final products have been reactivated,” and adding that it will prioritize shipments for its e-commerce clients. It also said that its customer service operations are gradually getting back to normal.
Who Was Affected?
According to BleepingComputer, Moncler confirmed that yesterday the AlphaV (BlackCat) ransomware threat actor made public some confidential information belonging to its personnel, former employees, suppliers, consultants, business associates, and clients.
The stolen files were made public after Moncler refused to pay the demanded ransom of $3 million, stating it would go against the company’s founding principles.
With regard to information linked to customers, the company informs that no data relating to credit cards or other means of payment have been exfiltrated, as the company does not store such data on its systems.
Moncler reminds that all information in the possession of cybercriminals is the result of illegal activities and that consequently, the acquisition, use and dissemination of the same constitutes a criminal offense.
What Kind of Information Was Stolen?
The stolen data includes:
- earning statements,
- spreadsheets with what seems to be customer data,
- invoices,
- other documents.
The fashion company immediately informed all relevant authorities, including the Data Protection Authority. Moreover, the stakeholders who have been impacted by the data breach have been contacted.
How Can Heimdal™ Help?
Ransomware is one of the most common and most dangerous cyber threats of today, with possibly lethal consequences. Learning how to prevent it should be a top priority for any company interested in keeping its employees, clients, partners, assets, money, and business operations safe.
In the fight against ransomware, Heimdal Security is offering its customers an outstanding integrated cybersecurity suite including the Ransomware Encryption Protection module, that is universally compatible with any antivirus solution, and is 100% signature-free, ensuring superior detection and remediation of any type of ransomware, whether fileless or file-based (including the most recent ones like LockFile).
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.