alphv attacks Longhorn Investments

Incident Date:

September 24, 2022

World map

Overview

Title

alphv attacks Longhorn Investments

Victim

Longhorn Investments

Attacker

Alphv

Location

Dallas, USA

Texas, USA

First Reported

September 24, 2022

Longhorn Investments Suffers Ransomware Attack

Overview of the Incident

Longhorn Investments, a prominent direct private lender known for providing short-term acquisition and renovation capital to real estate investors, has recently fallen victim to a ransomware attack orchestrated by the group alphv. This incident was publicly disclosed on a dark web leak site. Longhorn Investments has a significant operational footprint, with activities spanning across major metropolitan areas in Texas, Missouri, Indiana, Tennessee, Alabama, North Carolina, New Mexico, Arkansas, Ohio, and Georgia.

Details of the Ransomware Attack

The ransomware attack occurred on September 15, 2022, severely impacting the company's corporate servers and various operational systems. It is believed that the attackers gained access to sensitive personal information, including dates of birth, social security numbers, addresses, credit information, and details pertaining to real estate transactions.

Response and Mitigation Efforts

In response to the attack, Longhorn Investments has implemented several security measures aimed at mitigating the damage and preventing future incidents. These measures include initiating password resets, enforcing two-factor authentication for all users, and the deployment of advanced endpoint monitoring software. Furthermore, the company has sought the expertise of a leading global cybersecurity firm to enhance its network security posture.

Implications for the Finance Sector

The ransomware attack on Longhorn Investments serves as a stark reminder of the persistent threat landscape within the finance sector. It underscores the necessity for companies in this industry to continuously enhance their cybersecurity defenses through technological investments, staff training, and collaboration with cybersecurity experts. Such proactive measures are crucial for safeguarding against the increasingly sophisticated tactics employed by cybercriminals.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.