Doyon, Limited Faces Cyberattack by Black Basta Ransomware Group
Incident Date:
April 18, 2024
Overview
Title
Doyon, Limited Faces Cyberattack by Black Basta Ransomware Group
Victim
Doyon, Limited
Attacker
Blackbasta
Location
First Reported
April 18, 2024
Doyon, Limited Targeted by Black Basta Ransomware Group
Company Profile
Doyon, Limited is the regional Alaska Native corporation for Interior Alaska, with a diverse portfolio that spans oil field services, government contracting, utilities, construction, IT, natural resources development, tourism, and real estate. The company boasts over 20,500 shareholders and generates revenues exceeding $1.5 billion. With a workforce of approximately 1,200 employees, the company stands out in its industry due to its significant economic impact and broad range of operations.
Attack Overview
The ransomware attack on Doyon, Limited in Interior Alaska, perpetrated by the Black Basta group, resulted in the theft of 700 GB of sensitive data, including financial and employee records. Therefore, the company must now address the breach, restore system integrity, and navigate regulatory and reputational challenges.
Vulnerabilities
The scale of Doyon's operations and its extensive data repositories make it an attractive target for cybercriminals. The diverse nature of its business units, coupled with substantial financial transactions and personal data handling, likely contributed to its risk profile, making it a prime candidate for ransomware attacks such as the one conducted by Black Basta.
Sources
- Doyon, Limited - Official Website
- PitchBook - Doyon, Limited Profile
- NAICS - Doyon, Limited Company Profile
- LinkedIn - Doyon, Limited
- ZoomInfo - Doyon, Ltd.
- Proven Data - Black Basta Ransomware
- SOCRadar - Black Basta Ransomware Profile
- Trend Micro - Ransomware Spotlight: BlackBasta
- HHS.gov - Black Basta Threat Profile
- Unit42 - Threat Assessment: Black Basta Ransomware
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.