Fitzemeyer & Tocci Faces Major Ransomware Breach by Abyss Group

Incident Date: September 23, 2024

Overview

Victim: Fitzemeyer & Tocci Associates

Attacker: Abyss

Location: Woburn, Massachusetts, USA

First Reported: September 23, 2024

Ransomware Attack on Fitzemeyer & Tocci Associates by Abyss Group

Fitzemeyer & Tocci Associates, a prominent engineering firm based in Woburn, Massachusetts, has recently fallen victim to a ransomware attack orchestrated by the Abyss ransomware group. The attack has reportedly resulted in the exfiltration of 8.4 terabytes of uncompressed data, marking a significant breach in the company's cybersecurity defenses.

About Fitzemeyer & Tocci Associates

Founded in 1961, Fitzemeyer & Tocci Associates is a well-established firm specializing in mechanical, electrical, and plumbing (MEP) engineering, as well as fire protection services. The company is recognized for its expertise in facility design, construction administration, infrastructure modernization, and building optimization. With a workforce in the range of 51 to 200 employees, the firm has built a reputation for delivering innovative engineering solutions across sectors such as healthcare, education, industrial, and infrastructure projects.

Fitzemeyer & Tocci's commitment to leveraging modern technology, including the use of Autodesk Construction Cloud solutions, underscores its dedication to enhancing project management and communication. This technological adoption, while beneficial, may also present vulnerabilities that threat actors like the Abyss group could exploit.

Details of the Attack

The Abyss ransomware group, known for its multi-extortion tactics, has claimed responsibility for the attack on Fitzemeyer & Tocci. The group primarily targets VMware ESXi environments and has a history of exploiting weak SSH configurations to gain initial access. The attack on Fitzemeyer & Tocci highlights the growing threat posed by ransomware groups to mid-sized engineering firms, which may lack the comprehensive cybersecurity measures of larger enterprises.

About the Abyss Ransomware Group

Emerging in March 2023, the Abyss ransomware group has quickly established itself as a formidable threat in the cybersecurity landscape. The group is known for its TOR-based website, where it lists victims and exfiltrated data if ransom demands are not met. Abyss has targeted various industries, including finance, manufacturing, and healthcare, with a particular focus on the United States. Their operations are characterized by the use of ransomware payloads derived from the Babuk codebase, which are capable of encrypting both Windows and Linux systems.

The attack on Fitzemeyer & Tocci Associates underscores the need for organizations to remain vigilant against evolving ransomware threats and to continuously assess and strengthen their cybersecurity posture.
