Le Vian Jewelry Company Targeted in Ransomware Attack by BlackBasta
Incident Date:
May 20, 2024
Overview
Title
Le Vian Jewelry Company Targeted in Ransomware Attack by BlackBasta
Victim
Le Vian
Attacker
Blackbasta
Location
First Reported
May 20, 2024
Le Vian Jewelry Company Targeted in Ransomware Attack by BlackBasta
Victim Overview
Le Vian, a renowned family-owned jewelry company with a rich history dating back to the 15th century, has recently become the target of a ransomware attack by the cybercrime group BlackBasta. The company is known for its innovative designs, particularly in the use of natural fancy-color diamonds and gemstones, and is famous for popularizing the term "Chocolate Diamonds."
The company specializes in creating high-end jewelry pieces, including rings, necklaces, bracelets, and earrings. The company's commitment to quality, unique designs, and philanthropic efforts has set it apart in the jewelry industry.
Attack Overview
The ransomware attack on Le Vian occurred in May 2024, with BlackBasta managing to exfiltrate 800GB of data from the company's systems. This data included sensitive information related to the company's operations, as well as potentially personal data of employees and customers. The attack was discovered on May 21, 2024, highlighting the ongoing threats faced by organizations from sophisticated ransomware groups.
Ransomware Group: BlackBasta
BlackBasta is a ransomware operator and Ransomware-as-a-Service (RaaS) criminal enterprise that emerged in early 2022. The group is known for its targeted attacks on organizations in various countries, employing double extortion tactics to extort ransom payments from victims. BlackBasta has targeted over 500 organizations worldwide and has made significant financial gains from its ransomware operations.
Penetration and Vulnerabilities
The ransomware group distinguishes itself through its sophisticated tactics, including initial access through spear-phishing campaigns, insider information, and lateral movement within target networks. The group utilizes tools like QakBot and Cobalt Strike Beacons to maintain control over compromised systems and exfiltrate sensitive data before encrypting files. Le Vian's vulnerabilities may have included gaps in their cybersecurity defenses, allowing BlackBasta to infiltrate their systems and carry out the ransomware attack.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.