Herbal Havoc: Gaia Herbs Hit by Blacksuit Ransomware Assault

Incident Date:

April 2, 2024

World map



Herbal Havoc: Gaia Herbs Hit by Blacksuit Ransomware Assault


Gaia Herbs


Black Suit


Brevard, USA

North Carolina, USA

First Reported

April 2, 2024

Gaia Herbs Suffers Ransomware Attack by Blacksuit Group


On April 03, 2024, the ransomware group Blacksuit claimed responsibility for an attack on Gaia Herbs, a company that manufactures and sells medicinal herbs, offering single herbs, liquid herbal extracts, herbal teas, and Gaia organic products. Gaia Herbs operates in the Healthcare Services sector and is known for its commitment to quality and sustainability.

Industry Standout

Gaia Herbs is a well-known brand in the herbal supplement industry, with a strong focus on quality and sustainability. The company has achieved the Regenerative Organic Certification (ROC)™ at the silver level, which considers soil health, farmworker fairness, and animal welfare. They are also committed to transparency in sourcing, going to great lengths to find the best ingredients from farmers who know the land, soil, and plants better than anyone.

Despite their commitment to quality and sustainability, Gaia Herbs has been targeted by threat actors. The size of the company is not explicitly mentioned in the search results, but it is known that they have a 350-acre farm in the Blue Ridge Mountains of North Carolina.

Attack Details

Gaia Herbs has experienced a data breach in 2024. The leak size has not been reported and the threat actor has been identified as Blacksuit.

The Blacksuit ransomware group is known for its attacks on various industries, including healthcare services. The group operates on the dark web and has a history of targeting companies with significant data and financial assets.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.