hiveleak attacks XEIAD

Incident Date:

May 28, 2022

World map



hiveleak attacks XEIAD






Manners Ave, United Kingdom

Ilkeston, United Kingdom

First Reported

May 28, 2022

XEIAD Construction Firm Targeted by HiveLeak Ransomware Group

XEIAD, a construction firm operating at, has been targeted by the HiveLeak ransomware group, as announced on their dark web leak site. The company, which operates in the construction sector, has been affected by the ALPHV ransomware, also known as BlackCat, which is part of the Ransomware as a Service (RaaS) operations.

Company Overview

XEIAD is a construction firm, but the specific size and unique aspects of the company are not provided in the search results. The company's website does not offer detailed information about its operations, services, or projects.

Industry Vulnerabilities

The construction industry is a significant target for ransomware attacks due to the sensitive nature of the data they handle, including project plans, client information, and financial data. Construction firms often have outdated systems and lack the resources to invest in robust cybersecurity measures, making them vulnerable to attacks.

Ransomware Attack

The ALPHV ransomware, also known as BlackCat, is a RaaS operation that supports execution on Windows, Linux-based operating systems, and VMWare ESXi. It can delete volume shadow copies, stop processes and services, and stop virtual machines on ESXi servers to maximize the amount of ransomed data. The ransomware can also self-propagate by using PsExec to remote execute itself on other hosts on the local network.

The attack on XEIAD by the HiveLeak ransomware group highlights the vulnerabilities of the construction industry to cyber threats. Despite the sensitive nature of the data they handle, many construction firms lack the resources to invest in robust cybersecurity measures, making them attractive targets for ransomware attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.