Cactus Ransomware Strikes Ghim Li Global Pte Ltd

Incident Date:

April 23, 2024

World map



Cactus Ransomware Strikes Ghim Li Global Pte Ltd


Ghim Li Global Pte Ltd




Singapore, Singapore

, Singapore

First Reported

April 23, 2024

Ghim Li Global Pte Ltd Targeted by Cactus Ransomware Group

Company Profile

Ghim Li Global Pte Ltd, established in 1977 by Mdm Estina Ang in Singapore, has evolved from a modest beginning with just six sewing machines to a prominent player in the global textile and apparel manufacturing industry. With a workforce exceeding 9,000 employees, Ghim Li stands out for its commitment to social responsibility and high-quality production standards. The company's integrated supply chain solutions and emphasis on fabric innovation and quality control have positioned it as a leader in the production of lifestyle knitwear apparel.

Details of the Ransomware Attack

The Cactus ransomware group, known for its sophisticated ransomware-as-a-service operations, claimed responsibility for the attack on Ghim Li Global Pte Ltd. The attack compromised the company's website and led to the exfiltration of 88 GB of data, including sensitive personally identifiable information (PII). Following the expiration of the ransom deadline, the attackers published the stolen data, significantly impacting the company's operations and reputation.

Vulnerabilities and Targeting

The company's significant digital footprint and extensive data repositories made it an attractive target for the Cactus group. The company's reliance on interconnected digital systems for managing its vast supply chain likely presented multiple attack vectors for the cybercriminals. Additionally, the high value of the stolen data, including PII, provided a lucrative opportunity for ransom demands and potential data sale on dark web markets.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.