donutleaks attacks Sando&Co

Incident Date:

August 24, 2022

World map

Overview

Title

donutleaks attacks Sando&Co

Victim

Sando&Co

Attacker

Donutleaks

Location

Limassol, Cyprus

Limassol, Cyprus

First Reported

August 24, 2022

Sando & Co. Targeted by DonutLeaks Ransomware Group

Company Profile

Sando & Co., a manufacturing company based in India, has been targeted by the DonutLeaks ransomware group, as claimed on the group's dark web leak site. The company's website provides information about their commitment to offering value for money and stylish, comfortable garments at affordable rates. Sando & Co. is a first-generation entrepreneurial venture led by Anup Rungta, who has over two decades of experience in the hosiery industry. The company has been growing rapidly by expanding its product line and range.

Industry Standout

Sando & Co. stands out in the manufacturing sector by focusing on providing quality products at affordable prices, which has contributed to its success over the years.

Vulnerabilities

The ransomware attack on Sando & Co. highlights the company's vulnerability to cyber threats, particularly in the manufacturing sector, where digital transformation and increased connectivity have led to an increased risk of cyber attacks. The attack may have been facilitated by outdated software, weak security protocols, or a lack of employee training on cybersecurity best practices.

DonutLeaks Ransomware Group

DonutLeaks is a ransomware group that has been observed deploying ransomware in double-extortion attacks, where they encrypt files and threaten to leak stolen data unless a ransom is paid. The group has been linked to attacks on Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and multinational construction company Sando.

Mitigation Strategies

To mitigate the risk of ransomware attacks, companies should implement robust cybersecurity measures, such as regular software updates, employee training, and multi-factor authentication. Additionally, companies should have a disaster recovery plan in place to minimize the impact of a ransomware attack.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.