Malware
Ransomware Gang Unveils SEC Complaint, Exposing Victim’s Secret Breach
Discover how a ransomware gang has taken their extortion tactics to another level, exposing a victim’s secret breach through a shocking SEC complaint.
ALPHV Ransomware Files SEC Complaint Against Company for Breach Non-Disclosure
The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a complaint with the U.S. Securities and Exchange Commission (SEC) against one of their alleged victims for failing to comply with the four-day rule of disclosing a cyberattack.
Today, we listed the software company MeridianLink on our data leak, threatening to release allegedly stolen data unless a ransom is paid within 24 hours.
MeridianLink is a publicly traded company that offers digital solutions for financial organizations, including banks, credit unions, and mortgage lenders.
Hackers Report to the SEC
According to DataBreaches.net, the ALPHV ransomware gang claimed to have breached MeridianLink’s network on November 7 and stolen company data without encrypting systems.
The ransomware actor stated that MeridianLink had reached out, but no message was received on their end regarding payment negotiations to prevent the release of the allegedly stolen data.
Due to the alleged lack of response from the company, the hackers decided to increase the pressure by submitting a complaint to the SEC about MeridianLink’s failure to disclose a cybersecurity incident that affected both customer data and operational information.
source: BleepingComputer
To provide evidence of our complaint, ALPHV published a screenshot of the form we filled out on the SEC’s Tips, Complaints, and Referrals page on our website.
In our submission to the SEC, we informed them that MeridianLink experienced a “significant breach” and failed to disclose it as required in Form 8-K, under Item 1.05.
source: BleepingComputer
Confirmation of Cyberattack by MeridianLink
In a statement provided to us, MeridianLink stated that they immediately took action to contain the threat and engaged a team of third-party experts to investigate upon identifying the incident.
The company is still in the process of determining if any consumer personal information was affected by the cyberattack and will notify those impacted accordingly.
“Based on our investigation to date, we have found no evidence of unauthorized access to our production platforms, and the incident has caused minimal business interruption.” – MeridianLink
While numerous ransomware and extortion groups have threatened to report breaches and data theft to the SEC, this may be the first public confirmation of such actions.
Previously, ransomware actors would pressure victims by contacting their customers or directly intimidating them over the phone.