Any kind of organization can be the victim of a cybersecurity incident. Specialists report that the American company Brown-Forman, one of the world’s leading wine and liquor companies, has been the victim of a ransomware attack in which about 1 TB of confidential data would also have been stolen.
The Kentucky-based firm owns popular brands such as Jack Daniel’s, Woodford Old Forester, Tequila Herradura, Glendronach, El Jimador, among others. Apparently the threat actors are trying to sell the compromised information.
The attack was reportedly perpetrated by Sodinokibi operators (also known as REvil), who infiltrated the company’s networks illegitimately, staying for more than a month and extracting data stored in the cloud and locally. Committed information includes sensitive employee data, company agreements, contracts, internal documents, and more.
Through a website dedicated to leaks, threat actors posted multiple screenshots showing the compromised data, confirming their claims. The compromised information dates back to 2009, although there are more recent documents.
In statements for BleepingComputer the company confirmed the attack, adding that data theft was a real possibility: “Unfortunately, we have reason to believe that some records were affected. We are working in collaboration with world-class cybersecurity authorities and specialists in investigating this incident,” the company spokesman said.
The company also confirmed that they have not contacted threat actors to negotiate the payment of a ransom. As reported in previous incidents, malicious hackers conduct data breach campaigns to pressure companies and force payment, although they may also look for ways to sell the stolen data on hacking forums.
This incident was detected in time by brown-Forman’s IT area, so threat actors did not have enough time to encrypt the compromised information, as a result, the firm’s operations were not affected.
Finally, the hacks continue to intimidate the company, posting new threats against it: “We believe in the prudence of BROWN-FORMAN and we are waiting for them to continue their discussion on an exit to this situation”, published the operators of REvil.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.