blackbasta attacks A G Equipment Company

Incident Date:

October 19, 2022

World map



blackbasta attacks A G Equipment Company


A G Equipment Company




Broken Arrow, USA

Oklahoma, USA

First Reported

October 19, 2022

A G Equipment Company Suffers Ransomware Attack

Company Overview

A G Equipment Company, a key player in the Energy, Utilities & Waste sector, known for its compressor packaging solutions, has recently fallen victim to a ransomware attack by the group Blackbasta. This incident was disclosed on the group's dark web leak site. A G Equipment Company, located in Broken Arrow, OK, specializes in both reciprocating and rotary screw compressors for a variety of applications.

The company is an integral part of AGCO Corporation, a global leader in the design, manufacture, and distribution of agricultural machinery and precision ag technology. AGCO's extensive brand portfolio includes notable names such as Challenger®, Fendt®, GSI®, Massey Ferguson®, Precision Planting®, and Valtra®. In 2021, the company reported net sales of approximately $11.1 billion.

Vulnerabilities and Impact

The ransomware attack has significantly disrupted A G Equipment Company's operations. The full extent of the damage and the impact on AGCO's production facilities are currently under investigation. This disruption could potentially lead to delays in the delivery of equipment and services. The company is in the process of determining the scope of data exfiltration that occurred during the attack.

Industry Context

The agricultural sector, including farming equipment manufacturers like AGCO, is increasingly being recognized as a target for ransomware attacks, especially during critical planting and harvesting seasons. In response, entities such as the FBI have issued warnings and provided guidance aimed at mitigating the risks associated with these cyber threats.

The ransomware attack on A G Equipment Company underscores the persistent cyber threats facing the energy, utilities, and waste sectors. It emphasizes the importance of prioritizing cybersecurity measures to mitigate the risks of similar attacks in the future.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.