The United States tax resolution firm Optima Tax Relief has unfortunately suffered a significant and damaging Chaos ransomware attack. The responsible threat actors are now reportedly leaking sensitive data that was stolen directly from the well-known company’s computer systems. Optima Tax Relief is a prominent tax resolution and settlement firm that helps individuals and businesses with their various tax issues. On June 6th, the Chaos ransomware gang officially added Optima Tax Relief to its data leak site, claiming to have stolen 69 gigabytes. This ransomware operation is relatively new, having first launched its illicit activities with five victims back in March of this current year.
The stolen data appears to contain both the company’s corporate information and also highly sensitive and detailed customer case files. These types of important tax documents commonly contain a large amount of sensitive personal information that can be readily exploited by criminals. This can include critical items such as Social Security numbers, personal phone numbers, and also the home addresses of many different clients. This stolen personal data can then be used for further malicious activity by other threat actors or for widespread and damaging identity theft. This was a double-extortion attack, with the threat actors not only stealing the data but also encrypting the company’s important servers.
The Chaos ransomware gang responsible for this attack should not be confused with “The Chaos ransomware builder” which has existed since 2021.
That older malware builder has been used by various criminals to create a myriad of branded encryptors used in phishing campaigns. The new Chaos ransomware gang has also recently claimed to have successfully breached the Salvation Army, which has not yet responded. The number of individuals affected by the Optima Tax Relief breach has not yet been disclosed by the company to the public.
Similarly, the total financial value of this incident or of the stolen data has also not been disclosed at this particular time.
At the present time, the company Optima Tax Relief has not yet issued any kind of official public statement regarding this security incident. The company has also not yet officially notified any of its affected customers whose sensitive data was potentially compromised by the attackers. Furthermore, it appears that relevant government authorities have also not yet been officially notified by the company about this data breach. The current lack of an official response from the firm leaves many customers completely unaware of the potential serious risks. This entire situation clearly highlights the significant damage that can be caused by these new and aggressive ransomware operations targeting businesses today.
Reference:
