Lord777
Professional
- Messages
- 2,577
- Reaction score
- 1,563
- Points
- 113
This is how a cyberattack becomes legal.
A group of cybercriminals ALPHV / BlackCat introduced an innovation in extortion methods by filing a complaint with the US Securities and Exchange Commission (SEC) against the company MeridianLink. Hackers accused the company of failing to meet the deadline of 4 days for official disclosure of information about the cyber attack.
Under the new SEC rules, companies whose shares are listed on the stock exchange are required to report cyber attacks that have material consequences, i.e. affect investment decisions. However, these rules do not take effect until December 15, 2023.
MeridianLink, a publicly traded company that develops digital solutions for financial institutions and banks, has been listed as a data leak by the ALPHV group. The criminals threatened to reveal the stolen data if the ransom was not paid within 24 hours.
By data DataBreaches.net The ALPHV group claims to have penetrated the MeridianLink network on November 7 and stolen data without resorting to system encryption. The group pointed out the lack of feedback from the company regarding the buyout negotiations, which was presumably the reason for the appeal to the SEC.
Entry about MeridianLink on the BlackCat website
The complaint sent to the SEC says that MeridianLink did not disclose information about a major cybersecurity breach, as required by law. To confirm its actions, ALPHV posted on its website a screenshot of the completed complaint form on the SEC page.
Screenshot of the completed SEC application
MeridianLink confirmed the fact of the cyberattack to BleepingComputer and said that after its discovery, it took measures to localize the threat and attracted third-party experts to investigate. The company also said that it is working to determine whether consumers ' personal data was affected, and is ready to notify the affected parties if necessary. According to the company, at the moment there is no evidence of unauthorized access to production platforms, and the cyber attack resulted in minimal interruptions in work.
Such a case may be the first publicly confirmed example of a ransomware group itself contacting the SEC. Previously, ransomware groups were limited to threats to contact regulators or inform victims clients about hacking.
A group of cybercriminals ALPHV / BlackCat introduced an innovation in extortion methods by filing a complaint with the US Securities and Exchange Commission (SEC) against the company MeridianLink. Hackers accused the company of failing to meet the deadline of 4 days for official disclosure of information about the cyber attack.
Under the new SEC rules, companies whose shares are listed on the stock exchange are required to report cyber attacks that have material consequences, i.e. affect investment decisions. However, these rules do not take effect until December 15, 2023.
MeridianLink, a publicly traded company that develops digital solutions for financial institutions and banks, has been listed as a data leak by the ALPHV group. The criminals threatened to reveal the stolen data if the ransom was not paid within 24 hours.
By data DataBreaches.net The ALPHV group claims to have penetrated the MeridianLink network on November 7 and stolen data without resorting to system encryption. The group pointed out the lack of feedback from the company regarding the buyout negotiations, which was presumably the reason for the appeal to the SEC.
Entry about MeridianLink on the BlackCat website
The complaint sent to the SEC says that MeridianLink did not disclose information about a major cybersecurity breach, as required by law. To confirm its actions, ALPHV posted on its website a screenshot of the completed complaint form on the SEC page.
Screenshot of the completed SEC application
MeridianLink confirmed the fact of the cyberattack to BleepingComputer and said that after its discovery, it took measures to localize the threat and attracted third-party experts to investigate. The company also said that it is working to determine whether consumers ' personal data was affected, and is ready to notify the affected parties if necessary. According to the company, at the moment there is no evidence of unauthorized access to production platforms, and the cyber attack resulted in minimal interruptions in work.
Such a case may be the first publicly confirmed example of a ransomware group itself contacting the SEC. Previously, ransomware groups were limited to threats to contact regulators or inform victims clients about hacking.
