everest attacks AFG Canada

Incident Date:

January 19, 2022

World map



everest attacks AFG Canada


AFG Canada




chelmsford, Canada

Richmond, Canada

First Reported

January 19, 2022

AFG Canada Suffers Ransomware Attack

Overview of the Incident

AFG Canada, a prominent Canadian credit union known for its unique lease program, recently fell victim to a ransomware attack by the Everest group. The attack was disclosed on the group's dark web leak site, highlighting the ongoing threat of ransomware to financial institutions.

Impact on AFG Canada

The proprietary lease program offered by AFG Canada is a cornerstone of its service, enabling credit unions to generate new revenue streams and stand out in a competitive market. This program is particularly designed to be accessible for credit unions of any size, providing a turnkey solution for indirect leasing without the need for significant upfront investment or increased staffing.

While the specific vulnerabilities exploited in the attack are not detailed, the consequences of such ransomware incidents can be devastating. Potential impacts include operational downtime, permanent loss of critical data, theft of intellectual property, breaches of privacy, reputational damage, and significant financial costs associated with recovery efforts.

Ransomware: A Persistent Threat

Ransomware operates by encrypting the victim's files and demanding payment for their release. Failure to comply often results in the permanent loss of data or its sale on the dark web, posing a severe risk to affected organizations.

AFG Canada's Lease Program

The AFG Canada Lease Program is an innovative service that enables credit unions to enhance their profitability, attract new members, and diversify their revenue sources. By offering a consumer-friendly alternative to traditional banking and auto financing, credit unions can better retain and expand their membership base. The program's turnkey nature and customization options make it a valuable tool for credit unions aiming to quickly establish a competitive leasing portfolio.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.