alphv attacks Longhorn Investments
Incident Date:
September 24, 2022
Overview
Title
alphv attacks Longhorn Investments
Victim
Longhorn Investments
Attacker
Alphv
Location
First Reported
September 24, 2022
Longhorn Investments Suffers Ransomware Attack
Overview of the Incident
Longhorn Investments, a prominent direct private lender known for providing short-term acquisition and renovation capital to real estate investors, has recently fallen victim to a ransomware attack orchestrated by the group alphv. This incident was publicly disclosed on a dark web leak site. Longhorn Investments has a significant operational footprint, with activities spanning across major metropolitan areas in Texas, Missouri, Indiana, Tennessee, Alabama, North Carolina, New Mexico, Arkansas, Ohio, and Georgia.
Details of the Ransomware Attack
The ransomware attack occurred on September 15, 2022, severely impacting the company's corporate servers and various operational systems. It is believed that the attackers gained access to sensitive personal information, including dates of birth, social security numbers, addresses, credit information, and details pertaining to real estate transactions.
Response and Mitigation Efforts
In response to the attack, Longhorn Investments has implemented several security measures aimed at mitigating the damage and preventing future incidents. These measures include initiating password resets, enforcing two-factor authentication for all users, and the deployment of advanced endpoint monitoring software. Furthermore, the company has sought the expertise of a leading global cybersecurity firm to enhance its network security posture.
Implications for the Finance Sector
The ransomware attack on Longhorn Investments serves as a stark reminder of the persistent threat landscape within the finance sector. It underscores the necessity for companies in this industry to continuously enhance their cybersecurity defenses through technological investments, staff training, and collaboration with cybersecurity experts. Such proactive measures are crucial for safeguarding against the increasingly sophisticated tactics employed by cybercriminals.
Sources
- Longhorn Investments. "Hard Money Lending Simplified." Retrieved April 10, 2024, from https://www.longhorninvestments.com
- TechTarget. "Publicly disclosed U.S. ransomware attacks database." Retrieved April 10, 2024, from https://www.techtarget.com/searchsecurity/feature/Publicly-disclosed-US-ransomware-attacks-database
- Palo Alto Networks. "Smart investments for getting ahead of ransomware." Retrieved April 10, 2024, from https://www.paloaltonetworks.com/resources/techbriefs/smart-investments-for-getting-ahead-of-ransomware
- Massachusetts Executive Office of Health and Human Services. "Assigned Data Breach Number 28624 - Longhorn III Investments, LLC." Retrieved April 10, 2024, from https://www.mass.gov/doc/assigned-data-breach-number-28624-longhorn-iii-investments-llc/download
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.