BianLian attacks Earlens Corporation

Incident Date:

May 30, 2023

World map



BianLian attacks Earlens Corporation


Earlens Corporation




Menlo Park, USA

California, USA

First Reported

May 30, 2023

Earlens Corporation Targeted in Ransomware Attack

The Earlens Corporation, a US based medical equipment manufacturer, has reportedly been hit with a ransomware attack. The BianLian ransomware group has claimed responsibility for the attack, allegedly stealing 1.8TB of company information, including: HR data, Financial data, Accounting data, Personal data, and Shareholder data.

BianLian uploaded the Earlens Corporation to its dark web blog page on May 30, but the Earlens Corporation is yet to confirm the attack. Founded in 2005, Earlens designs and manufactures high-end hearing aids and employs around 200 people. Headquartered in Menlo Park, California, the organization has received significant press attention in recent years, with Forbes and the Time Magazine Top 100 Inventions featuring their flagship products.

About BianLian Ransomware Gang

BianLian ransomware gang, which first appeared in June 2022, is a ransomware developer, deployer, and data extortion cybercriminal group. It primarily targets US critical infrastructure but has also attacked professional services, property development, and Australian critical infrastructure sectors.

The ransomware group leverages Remote Desktop Protocol (RDP) credentials to gain access to victims’ systems, using open-source tools and command-line scripting for discovery and credential harvesting, and finally exfiltrating victim data via File Transfer Protocol (FTP), Rclone, or Mega. BianLian then hold organizations to ransom, threatening to release the stolen data if the victim fails to pay up.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.