Belzona UK Ltd Targeted by MetaEncryptor Ransomware

Incident Date:

May 7, 2024

World map

Overview

Title

Belzona UK Ltd Targeted by MetaEncryptor Ransomware

Victim

Belzona UK Ltd

Attacker

MetaEncryptor

Location

Harrogate, United Kingdom

, United Kingdom

First Reported

May 7, 2024

Ransomware Attack on Belzona UK Ltd by MetaEncryptor

Victim Profile

Belzona UK Ltd, a leading provider of repair composites, coatings, and protective materials for industrial equipment and machinery, was targeted in a ransomware attack by the group known as "MetaEncryptor." The company specializes in erosion, corrosion, and chemical protection solutions, catering to various industries, including the petrochemical sector.

Company Overview

Belzona UK Ltd, with over 60 years of experience, offers innovative solutions for industrial maintenance issues such as erosion, corrosion, and wear. Their products, like Belzona SuperWrap II, are designed to provide long-term protection and reduce downtime for clients in need of repair and refurbishment services.

Industry Standing

Belzona UK Ltd stands out in the manufacturing sector for its commitment to innovation, customer satisfaction, and global presence. With headquarters in the UK and a network of distributors worldwide, the company has earned international accreditations and a reputation for high-performance solutions.

Ransomware Group Tactics

MetaEncryptor, the ransomware group behind the attack on Belzona UK Ltd, is known for its sophisticated tactics and data exfiltration capabilities. By encrypting the company's systems and exfiltrating approximately 178 GB of sensitive data, including financial documents and databases, the attackers demonstrated their ability to cause significant harm and leverage the stolen information for ransom demands.

Vulnerabilities

As a company operating in the manufacturing sector, Belzona UK Ltd may have been targeted by threat actors due to the valuable intellectual property and sensitive data they possess. The nature of their business, dealing with industrial equipment and machinery, makes them a prime target for cyberattacks seeking to disrupt operations and steal proprietary information.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.