alphv attacks Constellation Software

Incident Date:

May 5, 2023

World map



alphv attacks Constellation Software


Constellation Software




Toronto, Canada

Ontario, Canada

First Reported

May 5, 2023

Constellation Software Suffers Data Breach

Incident Overview

Constellation Software, a Canadian diversified software company, confirmed on Thursday that threat actors had breached some of its systems, stealing personal information and business data.

"The Incident was limited to a small number of systems related to internal financial reporting and related data storage by the operating groups and businesses of Constellation," the company said.

"The independent IT systems of Constellation's operating groups and businesses were not impacted by this Incident in any way."

Response and Recovery

Constellation has also confirmed it contained the attack and restored all of the impacted IT infrastructure systems. Affected business partners and individuals are being contacted with more details.

Possible Culprit

The company has not yet confirmed who was behind the attack or how they gained access to its network, but the BlackCat (aka ALPHV) ransomware gang has claimed on its website that they breached Constellation’s network to steal more than 1TB worth of files. BlackCat is threatening to leak the stolen data if Constellation ignores the ransom.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.