Tuesday, December 3, 2024
HomeCyber Security NewsRansomware Gang Files an SEC Complaint for Victim Not Disclosing Data Breach

Ransomware Gang Files an SEC Complaint for Victim Not Disclosing Data Breach

Published on

SIEM as a Service

Alphv Ransomware gang filed an SEC complaint against MeridianLink for not disclosing a data breach.

BlackCat, also known as ALPHV, BlackCat operates on the ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments.

The ransomware relies essentially on stolen credentials obtained through initial access brokers for initial access. The group operates a public data leak site to pressure victims to pay ransom demands.

- Advertisement - SIEM as a Service

MeridianLink (MLNK) is a leading provider of comprehensive loan origination solutions and an advanced digital lending platform designed to cater to the ever-changing needs of financial institutions.

The DataBreaches report states that Alphv has incorporated MeridianLink into its malicious website. However, the data breaches suggest that the attack was carried out with the involvement of another party.

According to reports, Alpha claimed that they did not encrypt any files, instead, they stole them and removed them from the system. It was also reported that no immediate security measures were taken in response to the incident.

When DataBreaches inquired whether MeridianLink had gotten in touch with AlphV or replied to them, they were informed that although there had been no communication between the attackers and the company, AlphV had received a message from MeridianLink at some time.

DataBreaches enquired of MeridianLink on the purported event and its management. They quickly reacted and said the following:

Ransomware Gang SEC Complaint
Data Breaches

Patch Manager Plus, the one-stop solution for automated updates of over 850 third-party applications: Try Free Trial.

Latest articles

PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts

Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated...

Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms

Cybercriminals are leveraging AI-powered phishing attacks, website cloning tools, and RCE exploits to target...

Hackers Exploited Windows Event Logs Tool log Manipulation, And Data Exfiltration

wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By...

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts

Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated...

Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms

Cybercriminals are leveraging AI-powered phishing attacks, website cloning tools, and RCE exploits to target...

Hackers Exploited Windows Event Logs Tool log Manipulation, And Data Exfiltration

wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By...