BreachExchange mailing list archives
Hackers threaten to leak data from high-end architecture firm Zaha Hadid
From: Destry Winant <destry () riskbasedsecurity com>
Date: Fri, 1 May 2020 09:12:27 -0500
https://www.zdnet.com/article/hackers-threaten-to-leak-data-from-high-end-architecture-firm-zaha-hadid/

A group of hackers has breached the network of Zaha Hadid Architects, one of the world's leading architectural firms, responsible for hundreds of high-end building designs all over the world.

The intrusion took place last week, and hackers stole files from the company's network, encrypted files using ransomware, and are now threatening to release sensitive information on the dark web unless the company pays a hefty ransom demand.

ZDNet learned of the incident from a source last week but was also contacted by the hackers today, who reached out to share a link to the website where they plan to release ZHA data.

The hackers, who said they go by the name of Light (possibly the name of their ransomware variant), provided ZDNet with proof of having ZHA files in their possession.

These included payroll records, bank documents, files holding employee details, life insurance details, employee contracts, email inbox dumps, and more. Other files included the SSL certificate for the Zaha-Hadid.com website and user account credentials for the company's Active Directory server.

The Light hacker gang told ZDNet that they intend to publish the data later today if the company does not pay the ransom demand.

Hackers said the company has refused to engage in any communications and ignored all their emails.

The hackers' statement is in line with a report from the Architects' Journal, which reported yesterday that ZHA contacted law enforcement as soon as they learned of the hack, and refused to engage with the ransomware gang, instead, working with a forensics firm to investigate the breach and restore from backups.

In a phone call today, ZHA admitted to the security breach but did not return an email seeking answers to additional questions.

A NEW RANSOMWARE GANG THAT LEAKS STOLEN FILES

Since December 2019, it has now become a common practice for ransomware gangs to breach high-profile companies, steal data, encrypt the company's internal network, and post stolen data on dark web portals as revenge in case the company refuses to pay.

A list of all the ransomware gangs who engage in this practice is available here.

To ZDNet's knowledge, the Light gang appears to be a new ransomware group, which the group confirmed in an email. According to the ID-Ransomware portal, security researchers are not yet aware of any ransomware strain going by the name of Light.