Australia’s leading fixed-income specialist, FIIG Securities, fell victim to a cyber attack orchestrated by the ALPHV/Black Cat ransomware group. The attackers claimed responsibility, disclosing the theft of approximately 385 GB of sensitive data from the company’s main server. ALPHV issued a warning, giving FIIG Securities a three-day ultimatum to make decisions about the consequences of the breach. In response, Australian authorities activated their cyber response strategy, collaborating with cybersecurity experts to isolate affected systems.
The extensive data breach encompassed a range of sensitive information, including personal details of employees and clients, financial reports, accounting data, insurance records, and commercially sensitive information. FIIG Securities, a reputable financial services firm managing $5 billion with over 6,000 clients, emphasized its proactive approach, collaborating with authorities to ensure compliance and protect compromised data. A spokesperson highlighted the company’s commitment to responsible data management, stating that efforts are underway to notify all stakeholders promptly. The incident sheds light on the evolving tactics of the ALPHV/Black Cat ransomware group, known for using compromised credentials and sophisticated methods to breach targeted systems.
The cyber attack unfolded when an employee reported being locked out of their email account, leading to the discovery of encrypted files and wiped backups. Despite the restoration of domain controllers and some servers, certain data remained unrecoverable. The incident underscores the importance of defending against ransomware threats: the ALPHV group uses advanced techniques such as abusing Windows Task Scheduler and malicious Group Policy Objects (GPOs) to deploy its ransomware. The collaboration between FIIG Securities and relevant authorities aims to mitigate the impact and enhance cybersecurity measures against such sophisticated threats.