Sodinokibi (REvil) ransomware operators announced on Friday that they had hacked Brown-Forman, one of the largest U.S. firms in the spirits and wine business.
Sodinokibi (REvil) ransomware operators announced last week that they had breached the network of Brown-Forman, one of the largest U.S. firms in the spirits and wine business.
The threat actors claim to have exfiltrated 1TB of confidential data and plan to put the most sensitive information up for auction and leak the rest.
Data accessed by the gang includes confidential employee information, company agreements, contracts, financial statements, and internal messages.
The Brown–Forman Corporation is one of the largest American-owned companies in the spirits and wine business. Based in Louisville, Kentucky, it manufactures several well-known brands throughout the world, including Jack Daniel’s, Early Times, Old Forester, Woodford Reserve, GlenDronach, BenRiach, Glenglassaugh, Finlandia, Herradura, Korbel, and Chambord.
Sodinokibi ransomware operators announced that they had spent more than a month examining the infrastructure of the firm.
As proof of the hack, Sodinokibi ransomware operators posted on their leak site several screenshots showing directories and files allegedly belonging to the company, and internal conversations between some employees.
The threat actors also published screenshots of database backup entries as recent as July 2020.
With this announcement, the REvil operators aim to force Brown-Forman into paying a ransom.
The company disclosed the incident in a statement, adding that it was able to prevent its systems from being encrypted, which suggests the involvement of ransomware. It disclosed only a few details about the incident, including when it occurred or how the hackers accessed the data.
The company reported the incident to the authorities and retained world-class third-party data security experts to investigate the incident and resolve the situation as soon as possible. Brown-Forman also added that there are currently no active negotiations, but it suspects that some information has been exposed.
“Brown-Forman was the victim of a cybersecurity attack. Our quick actions upon discovering the attack prevented our systems from being encrypted,” said a Brown-Forman spokesperson.
“Unfortunately, we believe some information, including employee data, was impacted. We are working closely with law enforcement, as well as world-class third-party data security experts, to mitigate and resolve this situation as soon as possible,” the Brown-Forman spokesperson told Bloomberg.
If the company pays the ransom, the threat actor promises to delete all copies of the data.
“We still believe in the prudence of BROWN-FORMAN and are waiting for them to continue their discussion of a way out of this situation,” the Sodinokibi operators posted.
Pierluigi Paganini
(SecurityAffairs – hacking, Brown-Forman)