Ransomware Attack on Agate Inc. by Play Ransomware Group

Company Profile

Established in 1973, Agate Construction Company, also known as Agate Inc., operates as a construction firm in Arizona, United States. With a focus on delivering innovative solutions to challenging construction projects, it provides general construction, steel fabrication, and pre-engineered metal buildings for industrial and commercial markets. Its services encompass general contracting, construction management at risk, budget development, conceptual estimating, design build, logistics development, and Building Information Modeling (BIM). Agate Construction Company, headquartered in Scottsdale, Arizona, employs a team of 112 individuals and operates with a total funding amount of less than $5 million.

Industry Standing

Agate Inc. has maintained a prominent presence in the construction industry, offering a wide range of services, including steel fabrication and pre-engineered metal buildings. Setting itself apart from competitors, the company is recognized for its focus on innovation and its ability to tackle challenging projects.

Vulnerabilities

Targeting Agate Inc., threat actors like the Play Ransomware group exploited vulnerabilities such as exposed RDP servers and known weaknesses like FortiOS and Microsoft Exchange. These vulnerabilities provided initial access to the company's systems, facilitating ransomware attacks and the exfiltration of sensitive data. The ransomware group Play has announced to have extracted private and personal confidential data, client documents, budgets, payroll information, accounting records, contracts, tax documents, IDs, and financial information in this attack to the company.

Sources

• Agate Construction Co. LinkedIn
• Agate Inc. ZoomInfo
• Agate Construction Inc. LinkedIn
• Agate Steel Website
• CyberInt - Play Ransomware
• SocRadar - Play Ransomware
• IC3 - Play Ransomware
• Proven Data - Play Ransomware
• Dark Reading - Play Ransomware