alphv attacks duda

Incident Date:

July 13, 2022

World map

Overview

Title

alphv attacks duda

Victim

duda

Attacker

Alphv

Location

Maria Luíza, Brazil

Cascavel, Brazil

First Reported

July 13, 2022

Duda Suffers Ransomware Attack by Alphv Group

Company Overview

Duda is a family-oriented company with a rich history dating back to 1926, focusing on growing healthy food products. They have expanded their operations to include planning and building vibrant communities with balanced growth. Their success is deeply rooted in their faith and commitment to their people.

Industry Standout

Duda's unique selling proposition is their commitment to the land and its resources, which spans generations. They have a strong focus on community and stewardship, setting them apart in the software industry.

Vulnerabilities

The ransomware attack on Duda in 2022 was significant, with the attackers gaining access to the company's information technology systems and deploying ransomware, encrypting most of DUDA's computer network. The attack resulted in the downloading of files containing personally identifiable information, including full names, social security numbers, payroll data, financial information, dates of birth, email addresses, telephone numbers, addresses, employee identification numbers, employee dependent information, and other data.

Response and Mitigation

Duda reported the incident to law enforcement and has worked diligently to restore operations and security since the attack. They have also offered credit monitoring services to individuals who may have been affected by the breach.

Security Measures

Duda has taken steps to strengthen their information security systems to reduce the risk of similar attacks in the future. They have also implemented security measures to protect their systems from online attacks.

Class Action Lawsuit

A class action lawsuit was filed against Duda & Sons Inc. for failing to safeguard consumers' personally identifiable information from the ransomware attack.

Security Risks of WordPress

Duda's platform was built for digital agencies, offering superior security measures compared to WordPress. WordPress, while an excellent environment for building websites, has security risks that may not be worth it for businesses.

Duda's Approach to App Integration

Duda's approach to app integration is fundamentally different from WordPress's plugins. Apps do not directly install source code onto Duda's servers, but instead have access to structured, scoped, and secured APIs that limit the potential for malicious activity.

The ransomware attack on Duda underscores the critical importance of robust security measures in the software industry. Companies must remain vigilant against cyber threats and take proactive steps to protect their systems and data.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.