conti attacks Acuity Brands

Incident Date:

January 15, 2022

World map



conti attacks Acuity Brands


Acuity Brands




New York, USA

New York, USA

First Reported

January 15, 2022

Acuity Brands Suffers Ransomware Attack

Company Overview

Acuity Brands, a global leader in the lighting and building management industry, offers a comprehensive portfolio that includes LED lighting, controls, and energy management systems. The company is celebrated for its dedication to sustainability, earning numerous accolades for its energy-efficient innovations.

Vulnerabilities and Impact

The ransomware attack on Acuity Brands underscores the significant risks businesses face, particularly in the manufacturing sector. Such attacks can lead to operational disruptions, financial losses, and damage to the company's reputation. While the full extent of the damage from this specific attack remains unclear, it is evident that Acuity Brands' data and systems may have been severely compromised.

Ransomware as a Service

The Conti ransomware group, which targeted Acuity Brands, operates using a Ransomware as a Service (RaaS) model. This approach enables individuals with limited technical skills to execute ransomware attacks, thereby expanding the group's reach and profitability without direct involvement in the attacks.

Mitigation Strategies

To defend against ransomware threats, organizations should adopt comprehensive security measures. These include conducting regular data backups, enforcing strong access controls, and utilizing advanced security software. Furthermore, educating employees on the risks of phishing scams and other social engineering tactics is crucial for preventing such cyber attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.