US Farmer Cooperative Hit By $5.9M BlackMatter Ransomware Attack
NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data.
In a weekend ransomware attack, the threat actors demand a 5.9 million dollar ransom, which will increase to $11.8 million if a ransom is not paid in five days.
These ransom demands are a starting point for negotiations and usually lead to significantly smaller payments if a victim decides to pay.
🌐 BlackMatter #Ransomware group just ransomed another food critical infrastructure in the US, The ransom demand is 5,900,000$ for now 🚨— DarkFeed (@ido_cohen2) September 20, 2021
The victim is playing by the rules: "@CISAgov is going to be demanding answers from us within the next 12 hours" 🧐#BlackMatter pic.twitter.com/Iciet8lhwQ
NEW Cooperative has confirmed the attack to BleepingComputer and stated that they had taken their systems offline to contain the attack’s spread.
“NEW Cooperative recently identified a cybersecurity incident that is impacting some of our company’s devices and systems. Out of an abundance of caution, we have proactively taken our systems offline to contain the threat, and we can confirm it has been successfully contained,” a NEW Cooperative spokesperson told BleepingComputer.
“We also quickly notified law enforcement and are working closely with data security experts to investigate and remediate the situation.”
On the non-public data leak page, the threat actors claim to have stolen the source code for the soilmap.com project, R&D results, sensitive employee information, financial documents, and an exported database for the KeePass password manager.
The page includes screenshots of allegedly stolen data, including legal documents, a screenshot of an application, and financial information.