Fidelia Consulting Hit by Dispossessor Group Ransomware: Impact and Response

Incident Date:

July 12, 2024

World map

Overview

Title

Fidelia Consulting Hit by Dispossessor Group Ransomware: Impact and Response

Victim

Fidelia Consulting

Attacker

Dispossessor

Location

Nanterre, France

, France

First Reported

July 12, 2024

Ransomware Attack on Fidelia Consulting by Dispossessor Group

Company Profile: Fidelia Consulting

Fidelia Consulting is a professional accounting firm based in Nanterre, near the La Défense business district in France. The firm specializes in providing a comprehensive array of accounting and consulting services tailored to meet the needs of various clients, including businesses, associations, restaurants, and individual freelancers. With over 13 years of experience and a team of 15 professionals, Fidelia Consulting is known for its client-centric approach and sector-specific expertise.

Attack Overview

On July 11, 2024, Fidelia Consulting fell victim to a cyberattack orchestrated by the cybercriminal group known as Dispossessor. The attack led to a significant security breach, although the extent of the data compromised remains unknown. The impact on Fidelia Consulting's operations and client data is yet to be fully disclosed.

About Dispossessor Ransomware Group

Dispossessor emerged in the ransomware scene following a crackdown on the notorious LockBit group. The group operates under a Ransomware-as-a-Service (RaaS) model, allowing affiliates to distribute ransomware and execute attacks. Dispossessor distinguishes itself by functioning primarily as data brokers, publishing data leaks from other groups. Their website closely resembles the original LockBit site, suggesting a possible rebranding effort or new operators leveraging LockBit’s infrastructure.

Potential Vulnerabilities

Fidelia Consulting's reliance on digital systems for managing sensitive financial data makes it a prime target for ransomware attacks. The firm's extensive client portfolio and the critical nature of its services further increase its attractiveness to threat actors. The exact method of penetration remains unclear, but common vectors include phishing emails, exploiting software vulnerabilities, and leveraging weak security protocols.

Implications and Next Steps

The attack on Fidelia Consulting underscores the growing threat of ransomware to professional services firms. As the investigation continues, it is crucial for the firm to assess the full impact of the breach and implement robust security measures to prevent future incidents. The incident also highlights the need for continuous vigilance and advanced cybersecurity strategies in the face of evolving cyber threats.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.