Cybersecurity Breach: The Line Up, Inc. Falls Victim to 8Base Ransomware

Incident Date:

April 29, 2024

World map

Overview

Title

Cybersecurity Breach: The Line Up, Inc. Falls Victim to 8Base Ransomware

Victim

The Line Up, Inc

Attacker

8base

Location

Eden Prairie, USA

Minnesota, USA

First Reported

April 29, 2024

Ransomware Attack on The Line Up, Inc. by 8Base Group

Company Profile

The Line Up, Inc., a division of Dedal Designs, Inc., is a custom performance apparel company based in Eden Prairie, Minnesota. Founded in 1989, the company has grown to employ over 55 individuals, specializing in designing and manufacturing costumes for dance teams, cheerleaders, and synchronized skaters. The company is recognized for its commitment to high-quality, made-in-the-USA apparel and exceptional customer service. Despite varying reported revenue figures, with estimates ranging from $1.8 million to $6.6 million, The Line Up maintains a strong market presence in the custom performance apparel industry.

Details of the Ransomware Attack

The company's website recently fell victim to a ransomware attack orchestrated by the notorious 8Base group. The cybercriminals managed to exfiltrate a significant amount of sensitive data, including invoices, receipts, accounting documents, and personal employee information.

The 8Base ransomware group, active since April 2022, is known for its aggressive double-extortion tactics. This method not only involves encrypting the victim’s files but also stealing data and threatening its release if the ransom is not paid. 8Base typically targets small and medium-sized businesses across various sectors and is believed to distribute its ransomware via phishing emails, exploit kits, and drive-by downloads. The group uses a variant of Phobos ransomware, marked by the ".8base" extension on encrypted files.

Vulnerabilities and Industry Impact

The company, like many small to medium-sized enterprises, may be perceived as an ideal target due to potentially less robust cybersecurity measures compared to larger corporations. The nature of their business involves handling a considerable amount of sensitive client and employee data, which increases the risk and potential impact of data breaches and ransomware attacks. This incident underscores the critical need for enhanced security protocols in the custom apparel and consumer services sectors.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.