hiveleak attacks Massy distribution

Incident Date:

July 4, 2022

World map

Overview

Title

hiveleak attacks Massy distribution

Victim

Massy distribution

Attacker

Hiveleak

Location

Carifta Ave, Jamaica

Kingston, Jamaica

First Reported

July 4, 2022

Massy Distribution Jamaica Ltd Suffers Ransomware Attack by Hiveleak Group

Massy Distribution Jamaica Ltd, a key player in the Jamaican market and a subsidiary of the Neal and Massy Group of Companies, recently fell victim to a ransomware attack orchestrated by the Hiveleak group. This incident marks a significant breach, with the company having a longstanding presence in Jamaica, distributing a wide array of over 100 consumer and pharmaceutical brands across the nation.

The cyberattack was executed on April 28, 2022, when Hiveleak infiltrated Massy Distribution's systems, encrypting data and demanding a ransom for its release. The breach was identified two weeks post-attack, prompting immediate action from the company to engage technical experts for investigation and remediation.

The scope of the data breach was substantial, with Hiveleak releasing 87,550 folders and 704,047 corporate files onto the dark web. This leaked data encompassed financial records, human resource documents, and operational information, posing a risk of exposing sensitive corporate and personal information.

While Massy Distribution Jamaica Ltd has not confirmed the extent to which customer data was compromised, the company is actively working to identify and notify all potentially affected parties. Despite the breach, the incident has been contained, and the company's systems, including its Enterprise Resource Planning software, remain secure.

The Hiveleak ransomware group operates on an affiliate-based model, which allows cybercriminals to deploy the ransomware as a service. This attack on Massy Distribution Jamaica Ltd underscores the escalating trend of ransomware attacks targeting businesses, emphasizing the critical need for comprehensive cybersecurity defenses.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.