donutleaks attacks Sando&Co
Incident Date:
August 24, 2022
Overview
Title
donutleaks attacks Sando&Co
Victim
Sando&Co
Attacker
Donutleaks
Location
First Reported
August 24, 2022
Sando & Co. Targeted by DonutLeaks Ransomware Group
Company Profile
Sando & Co., a manufacturing company based in India, has been targeted by the DonutLeaks ransomware group, as claimed on the group's dark web leak site. The company's website provides information about their commitment to offering value for money and stylish, comfortable garments at affordable rates. Sando & Co. is a first-generation entrepreneurial venture led by Anup Rungta, who has over two decades of experience in the hosiery industry. The company has been growing rapidly by expanding its product line and range.
Industry Standout
Sando & Co. stands out in the manufacturing sector by focusing on providing quality products at affordable prices, which has contributed to its success over the years.
Vulnerabilities
The ransomware attack on Sando & Co. highlights the company's vulnerability to cyber threats, particularly in the manufacturing sector, where digital transformation and increased connectivity have led to an increased risk of cyber attacks. The attack may have been facilitated by outdated software, weak security protocols, or a lack of employee training on cybersecurity best practices.
DonutLeaks Ransomware Group
DonutLeaks is a ransomware group that has been observed deploying ransomware in double-extortion attacks, where they encrypt files and threaten to leak stolen data unless a ransom is paid. The group has been linked to attacks on Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and multinational construction company Sando.
Mitigation Strategies
To mitigate the risk of ransomware attacks, companies should implement robust cybersecurity measures, such as regular software updates, employee training, and multi-factor authentication. Additionally, companies should have a disaster recovery plan in place to minimize the impact of a ransomware attack.
Sources
- sando.co.in
- SC Magazine: Recent Ransomware Attacks Associated with New Extortion Group
- SC Magazine: Ransomware Deployed in Donut Leaks Extortion Attacks
- Thales Group: Cybersecurity Insights
- TechMonitor: Donut Agilitas Ransomware
- BleepingComputer: Donut Extortion Group Also Targets Victims with Ransomware
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.