UK-Based Consultancy Company Loses 300Gb Valuable Data To Maze Ransomware Attackers


A UK based company, London Offshore Consultant (LOC) was held at ransom by hackers and failed to notify authorities within the stated timeframe. According to the report, the company was hacked by Maze ransomware attackers and went away with 300GB of data. Maze ransomware has been updated to exfiltrate data before encrypting files. In this case, companies that have a backup and refuse to meet the ransom demand can still be threatened with the obtained information. They mostly release the data bit by bit to force the affected company to pay the ransom.

According to the Information Commissioner’s Office (ICO), all companies affected by cyber-attacks must notify them within 72hours after being aware of the attack. However, the London-based company failed to notify them within the stated timeframe. Instead, they only alerted the ICO in two weeks after they got to know about the attack. In this case, LOC Group would probably be fined of 4% of their global turnover, or they may be asked to pay €20 million. This is a known instruction meant to force companies to seek the required assistance as early as possible to reduce the impact.

Maze Ransomware Attackers

Image Source:

How the attack was launched by hackers has not been revealed. However, it was stated that the Maze hackers encrypted the system of LOC Group on 30 December 2019. As stated earlier, over 300GB of data were stolen. The hackers then asked the company to pay a ransom for a decrypted key in other to access the locked data. It was even reported that the Maze ransomware attackers have leaked a part of the stolen data in a bid to force the London Offshore Company to meet the ransom demand.

According to LOC Group, they are indeed investigating a cyber incident which is a confirmation of the circulating report. They stated that they acted swiftly and have started a full-scale investigation to know the extent of impact and understand how it was launched for reference. They also revealed that they are working with authorities to investigate the cyber incident. Around the last quarter of 2019 down to 2020, many companies were affected by the attack of maze ransomware and a number of them have already paid the ransom to get access to their encrypted data.

The LOC Group has also not made any statement whether they have paid the ransom as requested by the Maze ransomware attackers. However, they admitted that a portion of the stolen data has been leaked online. The LOC Group has clarified that no personal information was exposed in the data released by the Maze hackers. Also, the spokesperson of the National Crime Agency has admired in a statement that there was a cyber incident at LOC Group. He admitted that they are currently working with relevant bodies to fully understand what happened.

Recently, Southwire, a cable and wire manufacturer company based in Georgia filed a lawsuit against the Maze ransomware attackers though they remain anonymous. Maze ransomware attackers hacked into the system of Southwire on 9 December 2019 and sent its servers offline. This affected the company heavily.

Maze ransomware attackers requested a ransom of $6.1 million which was about 850 Bitcoins. Refusing to meet their ransom demand to get their data back just as most of their victims, Southwire filed a lawsuit against the anonymous gang.

Maze ransomware attackers earlier messaged the company informing them that they have downloaded a bunch of sensitive information and would be released to the public if the ransom demand is not met. However, Southwire responded by demanding “compensation damages and injectory relief.” This is a very hard way of dealing with this anonymous hackers as they have stolen and truly release the stolen data of affected companies for failing to pay the ransom. Maze ransomware attackers most of the time fail to release the decryption key and cannot be trusted with paying the ransom.

Maze Ransomware Attacker

Image Source:

According to a report released by the FBI warning US companies of the tricks used by the Maze ransomware gangs to launch an attack, they mostly use fake cryptocurrency sites and malspam campaigns to get targets. They mostly pose as genuine government agencies or security vendors.

As part of the proposed measures to stand against these attackers, it is strongly recommended that individuals and companies use two-factor authentication, stronger passwords and have the habit of changing passwords occasionally. Proper backups must be created and tested to minimize the cost when recovering from a maze ransomware attack.

Source: Yahoo News

Disclaimer: does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation to the reliance on or usage of any content, goods or services mentioned in this article.

Tags: #Deep_Web_directories #Hidden_Wiki_Links #Deep_Web_Links_and_Web_Sites #Dark_Web_Links #Best_Dark_web_Websites


Please enter your comment!
Please enter your name here