E-Z UP Hit by Meow Ransomware: 150GB of Sensitive Data Stolen
Incident Date:
August 13, 2024
Overview
Title
E-Z UP Hit by Meow Ransomware: 150GB of Sensitive Data Stolen
Victim
E-Z UP
Attacker
Meow
Location
First Reported
August 13, 2024
E-Z UP Falls Victim to Meow Ransomware Attack
E-Z UP, a leading manufacturer of instant pop-up canopy tents, has been targeted by the notorious Meow Ransomware group. The attack has resulted in the theft of over 150 GB of sensitive data, including employee information, client details, document scans, and financial records. The attackers are demanding $10,000 for the stolen data, which they are marketing to industry professionals and competitors.
About E-Z UP
Founded in 1983 by Mark Carter, E-Z UP has grown from a small operation in a Southern California garage to a global leader in portable shelters and accessories. The company is headquartered in Norco, California, and operates in over 100 countries, with additional offices in the Netherlands and Hong Kong. E-Z UP is renowned for its durable, easy-to-use canopies, which are essential for events, trade shows, and outdoor activities. Their products are known for quick setup, often taking less than 60 seconds to erect, and offer extensive customization options for branding purposes.
Attack Overview
The Meow Ransomware group has claimed responsibility for the attack on E-Z UP via their dark web leak site. The stolen data includes a wide range of sensitive information, which the attackers are offering for sale at $10,000. The data breach poses significant risks to E-Z UP's operations, reputation, and customer trust. The attackers have promised a smooth and confidential transaction process for interested buyers.
About Meow Ransomware Group
Meow Ransomware emerged in late 2022 and has been particularly active in 2024. The group is associated with the Conti v2 ransomware variant and primarily targets organizations in the United States. Meow Ransomware employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms. The group is known for targeting industries with sensitive data, such as healthcare and medical research, and has a reputation for posting victim data on their leak site if the ransom is not paid.
Potential Vulnerabilities
E-Z UP's extensive digital footprint and global operations make it a lucrative target for ransomware groups like Meow. The company's reliance on digital systems for managing employee data, client information, and financial records could have provided multiple entry points for the attackers. The use of RDP vulnerabilities and phishing emails are common tactics employed by ransomware groups to gain initial access to a company's network.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.