alphv attacks Brookson One

Incident Date:

January 18, 2022

World map

Overview

Title

alphv attacks Brookson One

Victim

Brookson One

Attacker

Alphv

Location

Firecrest Ct, United Kingdom

Warrington, United Kingdom

First Reported

January 18, 2022

Brookson One Suffers Ransomware Attack by ALPHV Group

Brookson One, a provider of specialist accountancy services for contractors, has been targeted by the ALPHV ransomware group. The attack was announced on the group's dark web leak site, and the victim's website is Brookson One. Operating in the Business Services sector, Brookson One has been offering accountancy services to contractors for over two decades.

Company Size and Unique Features

Brookson One has assisted more than 90,000 contractors and freelancers in managing their businesses, providing all-inclusive services that ensure compliance with regulations and offer peace of mind for clients. The company's distinctive offerings include an all-inclusive service model, a variety of optional support and advice services, and a comprehensive accountancy portal named Brookson Connect, which enables users to manage their accounts remotely.

Vulnerabilities and Targeting

The ALPHV ransomware group, known for its prolific attacks, targets a wide range of victims including government facilities, emergency services, defense industrial base companies, critical manufacturing, healthcare and public health facilities, and other corporations. Utilizing a ransomware-as-a-service model, the group's developers create and update the ransomware, while affiliates focus on identifying and attacking high-value victim institutions.

Previous Cyber Attacks

Brookson One has previously been the target of cyber attacks, with contractors experiencing delayed wage payments and disrupted communications. Similarly, Parasol, another umbrella company, faced a suspected ransomware attack, impacting both firms' ability to pay their contractors.

Mitigation and Response

The Justice Department has taken steps to disrupt the ALPHV/Blackcat ransomware variant, aiding victims in recovering from the attacks and strengthening their digital defenses. Victims of Blackcat ransomware are advised to seek assistance from their local FBI field office.

The attack on Brookson One by the ALPHV ransomware group underscores the continuous evolution of cyber threats and emphasizes the importance for organizations to stay vigilant and proactive in safeguarding their systems. Despite Brookson One's comprehensive services and dedication to compliance, these characteristics may have rendered it susceptible to ransomware attacks.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.