HireBus: A Cybersecurity Incident with DarkVault Ransomware

Incident Date:

April 11, 2024

World map



HireBus: A Cybersecurity Incident with DarkVault Ransomware






New York, USA

New York, USA

First Reported

April 11, 2024

DarkVault Ransomware Attack on HireBus

Company Overview

HireBus, a company operating in the Business Services sector, provides home service business owners with access to research-backed behavioral assessments. With over twenty years of experience, the company aims to help business owners make informed hiring decisions quickly and accurately. They serve a wide range of clients, including those struggling to fill positions and retain employees. According to their LinkedIn page, HireBus has a team of 11-50 employees.

Industry Standing

What sets HireBus apart in the industry is their focus on providing home service business owners with behavioral assessments that have been taken by millions of people. This data-driven approach helps clients find qualified candidates who are the right fit for their roles and businesses, ultimately improving hiring efficiency and success rates.

Attack and Vulnerabilities

On April 11, the ransomware group DarkVault claimed a cybercriminal attack on Hirebus. The cybercriminal group DarkVault has published all stolen files from the ransomware attack on the business, as of the time of writing this article.

As a privately held company, HireBus may be more vulnerable to cyber attacks due to potentially limited resources for cybersecurity measures. The nature of their business, which involves handling sensitive data related to behavioral assessments, could make them a target for threat actors seeking to exploit such information for financial gain.


HireBus Website


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.