Ransomware Attack Targets Victoria Beckham’s Personal Data

Published at: June 11, 2020

Ransomware gang, Maze, strikes again. This time, the victim is a US-based independent advisory firm specializing in the consumer and retail sectors. They have a number of big clients including businesswoman and former Spice Girl, Victoria Beckham.

Maze’s official dark web blog lists Threadstone Advisors, LLC as one of their victims following an attack within the last 24 hours.

Threadstone Advisors, LLC worked with Victoria Beckham to establish an investment liaison with NEO investment partners. Among the advisory firm’s clients are Charles S. Cohen, Pittsburgh Brewing Co., and Xcel Brands. 

Stolen data leak is “coming soon”

As of press time, Maze has leaked information belonging to Threadstone’s managing director, Joshua Goldberg. The group claimed that proof of further stolen data is “coming soon,” according to the announcement.

Such a threat could mean that the company has not paid the ransom demanded by the gang, and there is also no information on how much money in cryptos was requested.

Cointelegraph reached out to representatives from Threadstone Advisors, LLC, but have not yet received a response. We will update this article with comments accordingly.

Brett Callow, thread analyst at malware lab Emsisoft, told Cointelegraph:

“The fact that other ransomware groups have adopted Maze’s encrypt-and-exfiltrate double-whammy style of attack likely proves that the strategy works and, consequently, it will probably eventually be adopted by those groups which do not currently steal data. Of course, the strategy will be more effective in some cases than in others. Companies which hold highly sensitive information relating to their clients - such as an M&A advisory - may be more inclined to pay to prevent their data being posted online than other businesses.”

Ransomware gangs are getting more aggressive

The cybersecurity expert warns that the tactics employed by ransomware groups like Maze are becoming “ever more extreme”. He states that hackers are weaponizing stolen data via threats against business partners, clients, and to harm companies ’reputations.

Callow adds the following:

“This may be a natural evolution, or it may be a response to the Covid-19 pandemic. With so many companies facing financial challenges, fewer may be able or willing to pay ransom demands resulting in the groups seeking to exert additional pressure in an attempt to increase their conversion rate.”

ST Engineering Aerospace’s US subsidiary recently suffered a ransomware attack, reportedly by Maze, that managed to extract about 1.5TB of sensitive data from the firm and its partners.

The gang also claimed to have hacked United States egg producer, Sparboe, in a post on its website. The blog post includes sample data that the group claims was stolen from the company.

Tags
Related Posts
University of Utah Pays Ransomware Gang to Prevent Student Data Leak
The University of Utah’s College of Social and Behavioral Science confirmed that they were hit by a ransomware attack on July 19. According to a statement issued by the University, the gang left many computers inaccessible for several hours as staff took servers offline to prevent the malware from spreading to other machines on the school’s network. Following internal discussion, officials decided to work with the school’s cyber insurance provider to pay a $457,059 ransom in order to prevent a data leak. Staff from the university clarified that the insurance policy paid part of the ransom and they covered the …
Technology / Aug. 22, 2020
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
Well-Known Ransomware Gang Strikes Three Companies in the US and Canada
Ransomware group REvil has launched another series of attacks targeting three companies in the U.S. and Canada. As of press time, they have leaked data from two of the companies, and threatened to disclose sensitive data from the third. The companies are well-known Canadian accounting firm, Goodman Mintz LLP, licensed real estate broker Strategic Sites LLC, and ZEGG Hotels & Store, a duty-free store. First target of the week: an accounting company The gang kicked-off the week by leaking sensitive data from the Canada-based accounting company, Goodman Mintz LLP. The leak included company files, accounting and working documents of clients, …
Technology / June 17, 2020
Knoxville Is the Latest American City to Suffer a Ransomware Attack
An unidentified ransomware gang attacked the city of Knoxville, Tennessee’s IT network, forcing officers to shut down all systems on June 12. According to local news station WVLT, the attack took place sometime between June 10–11, encrypting all files within the network infrastructure. The attack forced workstations of the internal IT network to be shut down, which also disconnected internet access from the mayor’s infrastructure, public website, and even the Knoxville court. The FBI is currently assisting in the investigation, although the identity of the ransomware group behind the attack has not yet been revealed. The official statement from the …
Technology / June 15, 2020
Michigan State University Hit by Ransomware, Refuses to Pay Criminals
In early June, media outlets reported that the NetWalker ransomware gang had attacked Michigan State University, or MSU. At the time, the gang threatened to leak students’ records and financial documents. The university’s officials now have said that they will not pay the ransom. According to Detroit Free Press, the unspecified bounty requested in crypto by the ransomware group will not be paid by MSU. Officials did not publish an official statement addressing the reasons behind the decision. The attack seems to have happened on the U.S. Memorial Day holiday. It shut down the MSU’s computer systems, and breached its …
Technology / June 11, 2020