Costa Edutainment SpA Targeted by 8Base Ransomware Group
Incident Date:
May 13, 2024
Overview
Title
Costa Edutainment SpA Targeted by 8Base Ransomware Group
Victim
Costa Edutainment SpA
Attacker
8base
Location
First Reported
May 13, 2024
Ransomware Attack on Costa Edutainment SpA by 8Base
Victim Overview
Costa Edutainment SpA, headquartered in Genova, Italy, specializes in operating aquariums, theme parks, and various entertainment venues with a strong focus on educational and interactive experiences for visitors of all ages. Their unique value proposition lies in seamlessly integrating culture, science, education, performance, emotion, and amusement into unforgettable experiences. As leaders in the industry of botanical gardens, zoos, and nature reserves, Costa Edutainment SpA provides a holistic approach to entertainment, enriching the minds of its patrons while providing enjoyment.
Company Vulnerabilities
The company was targeted by the 8Base ransomware group, known for its aggressive tactics and double-extortion methods. The company's vulnerabilities likely stem from the sensitive nature of the data they handle, including personal information, accounting documents, and more.
Attack Overview
The cyberattack on Costa Edutainment SpA led to the exposure of various confidential data, such as invoices, receipts, personal files, and more. The leaked data was fully published, indicating a significant breach of security.
Ransomware Group: 8Base
The 8Base ransomware group has gained notoriety for its aggressive tactics and double-extortion methods. They utilize ransomware strains like Phobos and target small to medium-sized businesses across various sectors. 8Base likely penetrated Costa Edutainment SpA's systems through phishing emails, exploit kits, or drive-by downloads. The use of double-extortion tactics adds pressure on victims to pay the ransom.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.