Ransomware Group Builds Site For Victims To Search For Their Stolen Data

Share post:

The ALPHV ransomware group, aka BlackCat, took its operations to a new level by building a dedicated website where customers and employees of their victim organization can check if their data was breached in an attack.

AlphV is said to be a rebrand of the DarkSide/BlackMatter group, notorious for the attack on Colonial Pipeline, which brought to the fore the operations of these hacking groups.

Today, the AlphV/BlackCat ransomware gang started releasing stolen data that they alleged were stolen from an Oregon hotel and spa. The gang claims to have stolen 112 GB of data containing the private information of 1,500 employees, including Social Security Numbers.

But instead of simply leaking the data on their usual Tor data leak site, the ransomware group created a dedicated website enabling both hotel employees and customers to check if their data was stolen.

The site provides information about hotel guests and their stays as well as the personal data of 1,534 employees.

While the customer guest data only includes names, arrival date, and stay costs, the employee data contains very sensitive information, such as names, Social Security Numbers, date of birth, phone numbers, and email addresses.

As this site can be viewed through the public internet, it is indexable by search engines, and the stolen information may be added to search results, making this even worse for the victims.

Simply put, the site intends to scare employees and guests into demanding the hotel to delete their data from the web, which is only possible by paying a ransom.

Brett Callow, security analyst from Emisoft, who discovered this new ransomware tactic, said that while the strategy is innovative, it is too early to tell if it will pay off.

“While it’s an innovative approach, it remains to be seen whether the strategy will be successful – and, of course, that will determine whether it becomes more commonplace.”

For more information, read the original story in Bleepingcomputer.

Featured Tech Jobs


Related articles

Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

This episode reports on the danger of using expired open-source packages, a tool used by a Russian hacking group and passw

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT d

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

This episode reports on a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways