News has emerged that the hacker group known as RansomHub is threatening to release the sensitive data of high-end Christie’s art auction house in New York, including financial data and client addresses by the end of May, if no ransom is paid:
Now, RansomHub has posted a new thread on a dark web site, assuming responsibility for the attack, and claiming it grabbed customer names and birth dates. At this moment it is impossible to verify the authenticity of the claims, but with RansomHub’s history, it’s possible they are telling the truth.
RansomHub was born out of the disappearance of the ransomware-as-a-service known as ALPHV, or BlackCat.
With a ransomware-as-a-service model, one group builds and maintains the malware while others, called affiliates, do the actual breaching and encrypting. When affiliates successfully extort money from a victim, they get a piece of it, while a piece goes to the developers. When an ALPHV affiliate breached Change Healthcare earlier this year, they allegedly successfully extorted the healthcare giant for $22 million. However, when it was time to split the prize, the developers took all of it and just disappeared, leaving the affiliate with roughly 4TB of stolen sensitive data.
This affiliate was later named RansomHub and it tried, on its own, to extort Change Healthcare again.
In Christie’s case, the group said it would release the timer by the end of May, since it couldn’t come to an agreement with the company.
Darren Williams, CEO and Founder, Blackfog had this to say:
“The clock is ticking for Christies Art House who has a major decision to make now that criminal gang RansomHub has implemented a payment deadline. With the personal and financial data belonging to their high-profile clients at risk, this is indeed quite worrying.
The ‘to pay or not to pay’ dilemma is a serious issue for all types of organisations who are facing a rising wave of ransomware attacks. High profile organisations such as Christie’s, which sells high value items upwards of £600 million, will always be on the radar or cyber attackers looking for a quick win with large financial gain.
Once the data is in the hands of the attackers, the focus must be on handling the incident and repercussions as quickly as possible, leaning on experts to help ease the process when possible. Once the clean up is done, the focus must shift to preventing these attacks in the future by implementing technology designed to prevent the exfiltration of data, mitigating the risks of future attacks and extortion.”
RansomHub, the attacker group behind this attack, is quite new, first identified by BlackFog in February of this year. The criminal gang has since claimed attacks on multiple organisations – notably UnitedHealth Group, American Clinical Solutions and now Christie’s art auction house in New York.
It will be interesting to see what happens next as we’re only two days from the end of May. I’m pretty sure that this group will release some sort of data in retaliation for not getting paid. But not paying them is the correct course of action as cybercrime groups cannot be allowed to succeed in terms of extorting money from their victims.
Investors At Amazon’s AGM Show That Support For Workers Rights At An All Time High
Posted in Commentary with tags Amazon on May 28, 2024 by itnerdThis is a follow up to this recent story involving Amazon and workers rights.
Investors of Amazon.com continued to lend their support to a shareholder proposal on freedom of association and collective bargaining during the company’s recent annual general meeting (AGM).
The proposal, put forward by an international coalition of responsible investors representing 3.5-trillion USD in assets under management (AUM), called for Amazon to undergo a third-party assessment reviewing the extent to which it has been living up to its promises to respect international labour standards.
According to Company filings that were published on Friday, approximately 32 per cent of votes were cast in favour of the proposal — the second-highest level of investor support for any of the 14 shareholder proposals voted on at last Wednesday’s AGM. Accounting for the large number of shares controlled by board member and former Amazon CEO Jeff Bezos, roughly 37 per cent of independent votes were cast in favour of the proposal.
This vote comes amid a number of recent concerning developments in Amazon’s relationship with its workers. A major British trade union, GMB, recently announced legal action against the Company in the U.K. over allegations of anti-union practices; in the U.S., a federal administrative judge ruled that CEO Andy Jassy violated federal law by making comments on unions.
These developments coincided with a surge in investor support for the shareholder proposal. In addition to the original coalition of 22 cofilers, the proposal was publicly supported in recent weeks by numerous major public funds and asset managers:
The proxy advisory firms International Shareholder Services (ISS) and Glass-Lewis also backed the proposal, despite management’s opposition.
Sarah Couturier-Tanoh, Director of Shareholder Advocacy for SHARE, the Shareholder Association for Research and Education, which led the investor coalition behind the proposal had this comment:
“Once again, shareholders have sent a clear message to Amazon’s board and management that the Company must do better in delivering on its commitment to workers’ rights,”
“Given the widespread support the proposal received, we expect the board to demonstrate — at a minimum — what it is doing to comply with international human rights standards and mitigate the labour-rights related risks shareholders are seeing.”
Leave a comment »