Belzona UK Ltd Targeted by MetaEncryptor Ransomware
Incident Date:
May 7, 2024
Overview
Title
Belzona UK Ltd Targeted by MetaEncryptor Ransomware
Victim
Belzona UK Ltd
Attacker
MetaEncryptor
Location
First Reported
May 7, 2024
Ransomware Attack on Belzona UK Ltd by MetaEncryptor
Victim Profile
Belzona UK Ltd, a leading provider of repair composites, coatings, and protective materials for industrial equipment and machinery, was targeted in a ransomware attack by the group known as "MetaEncryptor." The company specializes in erosion, corrosion, and chemical protection solutions, catering to various industries, including the petrochemical sector.
Company Overview
Belzona UK Ltd, with over 60 years of experience, offers innovative solutions for industrial maintenance issues such as erosion, corrosion, and wear. Their products, like Belzona SuperWrap II, are designed to provide long-term protection and reduce downtime for clients in need of repair and refurbishment services.
Industry Standing
Belzona UK Ltd stands out in the manufacturing sector for its commitment to innovation, customer satisfaction, and global presence. With headquarters in the UK and a network of distributors worldwide, the company has earned international accreditations and a reputation for high-performance solutions.
Ransomware Group Tactics
MetaEncryptor, the ransomware group behind the attack on Belzona UK Ltd, is known for its sophisticated tactics and data exfiltration capabilities. By encrypting the company's systems and exfiltrating approximately 178 GB of sensitive data, including financial documents and databases, the attackers demonstrated their ability to cause significant harm and leverage the stolen information for ransom demands.
Vulnerabilities
As a company operating in the manufacturing sector, Belzona UK Ltd may have been targeted by threat actors due to the valuable intellectual property and sensitive data they possess. The nature of their business, dealing with industrial equipment and machinery, makes them a prime target for cyberattacks seeking to disrupt operations and steal proprietary information.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.