Council for Relationships Targeted in Ransomware Attack by 8Base Group

Incident Date:

April 15, 2024

World map

Overview

Title

Council for Relationships Targeted in Ransomware Attack by 8Base Group

Victim

Council for Relationships

Attacker

8base

Location

Philadelphia, USA

Pennsylcania, USA

First Reported

April 15, 2024

Ransomware Attack on Council for Relationships by 8Base Group

Attack Overview

The Council for Relationships, a non-profit organization based in the USA, recently fell victim to a ransomware attack by the notorious cybercriminal group 8Base. The attack involved the encryption of sensitive data including personal data, employment contracts, and confidential agreements.

Company Profile

The organization specializes in therapy services focusing on relationships, offering individual, couple, and family therapy. They employ over 80 clinical interns and are known for their systemic approach to counseling. This non-profit organization stands out in the healthcare services sector for its emphasis on relationship dynamics within mental health treatment.

Despite their commendable work, the nature of their services involves handling extensive sensitive data, which may have made them an attractive target for cybercriminals like 8Base.

Details on the 8Base Ransomware Group

8Base has been active from a couple of years ago and is known for targeting SMBs across various sectors with a preference for double-extortion tactics. This involves not only encrypting the victim's data but also threatening to publish it unless a ransom is paid. Their operations typically involve the use of phishing emails, exploit kits, and leveraging initial access brokers.

Implications and Ongoing Concerns

The attack on the Council for Relationships highlights the ongoing threat posed by ransomware groups to organizations handling sensitive data. The healthcare sector, despite its critical importance, remains particularly vulnerable due to the vast amounts of personal and confidential information processed.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.