hiveleak attacks Haselden Construction

Incident Date:

January 25, 2022

World map



hiveleak attacks Haselden Construction


Haselden Construction




Centennial, USA

Colorado, USA

First Reported

January 25, 2022

Haselden Construction Suffers Ransomware Attack

Overview of the Incident

Haselden Construction, a prominent Colorado-based construction firm, recently fell victim to a ransomware attack orchestrated by the group known as HiveLeak. This incident was disclosed on the group's dark web leak site. Haselden Construction, celebrated for its status as a Top Place to Work by the Denver Post for seven consecutive years, is renowned for its collaborative culture emphasizing trust, respect, and open communication. The company has a rich history of over 50 years in constructing significant and impactful projects, including the expansion of the University of Colorado Boulder Business and Engineering School.

Company Profile and Vulnerabilities

Despite the lack of explicit details regarding the company's size, Haselden Construction boasts a diverse team of professionals across various departments, underscoring its capability to undertake projects of any size or complexity. The construction sector, including Haselden, faces heightened risks of ransomware attacks, attributed to the industry's increasing reliance on digital technologies and data. With the average cost of a data breach in the United States nearing $9 million, the imperative for stringent cybersecurity measures and data protection protocols is more pronounced than ever.

Implications and Preventative Measures

The ransomware attack on Haselden Construction underscores a growing trend of cyber threats within the construction industry. To combat these threats, companies are urged to adopt comprehensive cybersecurity strategies. This includes the development of a detailed disaster recovery plan, regular reviews and testing of such plans, and ongoing education and training for employees to recognize and mitigate potential cyber threats effectively.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.