Andy Frain Services has notified many individuals. Over 100,000 people were affected by a data breach. Their personal information was compromised in October 2024. The firm serves clients like the NFL and NBA. Notifications were sent to 100,964 impacted people. Details of the stolen information were not given. In November 2024, ransomware group Black Basta claimed responsibility. Black Basta stated it stole 750 GB of data. Andy Frain Services did not confirm these claims.
Concerns were raised about the notification delay. Roger Grimes noted it took nearly seven months. Hackers could have misused information during this period. Grimes questioned how the breach occurred. Was it social engineering or unpatched software? Knowing the cause helps prevent future incidents. Andy Frain Services has not explained the breach. They have not detailed steps taken to fix vulnerabilities. This lack of information makes future prevention harder.
Black Basta is the group that claimed the attack. It is one of many active ransomware gangs.
Paul Bischoff provided details about this group. Black Basta appeared in early 2022. It runs a ransomware-as-a-service business. Clients pay to use its tools for attacks. Black Basta often uses double extortion methods. They demand ransoms for data restoration. They also demand payment not to leak stolen data. Black Basta has claimed 166 confirmed attacks. These attacks compromised over 11.7 million records.
Their average ransom demand is $2.9 million USD.
Ransomware attacks continue to be frequent and impactful. So far in 2025, Black Basta claimed five victims. These claims were all made in January 2025. These 2025 attacks are not yet confirmed. In 2024, 793 confirmed US attacks occurred. These compromised over 268 million records. Service-based businesses like Andy Frain were hit 64 times. The average ransom demand exceeds $2.3 million USD. For service businesses, it is $787,000 USD. Andy Frain Services works with those affected. However, specific advice for victims has not been released.
Reference:
