lorenz attacks Bonneville
Incident Date:
June 27, 2022
Overview
Title
lorenz attacks Bonneville
Victim
Bonneville
Attacker
Lorenz
Location
First Reported
June 27, 2022
Bonneville Collections Suffers Ransomware Attack
Company Overview
Bonneville Collections, a debt recovery agency with a history dating back to 1980, has been targeted by the ransomware group Lorenz. The attack was announced on the group's dark web leak site. Bonneville Collections is a member of ACA International, the largest consortium of collection agencies in the U.S. They participate in several ACA programs, including the Healthcare Services Program, the Internet & Check Services Program, and the Government Services Program. The company also holds memberships in various state and local chambers of commerce in the states they operate.
Vulnerabilities
The specific vulnerabilities that led to the ransomware attack on Bonneville Collections have not been publicly disclosed. Nonetheless, ransomware attacks frequently exploit software weaknesses, outdated systems, or human errors, such as phishing emails or inadequately secured remote access points.
Impact
Ransomware attacks can significantly disrupt a company's operations by encrypting data and demanding payment for the decryption key. The financial and reputational repercussions can be profound, with recovery often being a protracted and expensive endeavor.
Response
The response to a ransomware attack typically includes isolating the compromised systems, evaluating the damage's scope, and determining whether to pay the ransom or attempt data recovery independently. In certain instances, law enforcement agencies may offer assistance in identifying and apprehending the perpetrators.
The ransomware attack on Bonneville Collections underscores the persistent threat posed by cybercriminals. It is imperative for companies to maintain vigilance and adopt comprehensive cybersecurity measures to mitigate the risk of such attacks.
Sources
- Bonneville Collections: https://www.bonncoll.com/
- Cyberattack: Wikipedia: https://en.wikipedia.org/wiki/Cyberattack
- Ransomware Posts: GitHub Pages: https://privtools.github.io/ransomposts/
- 5G IP Appendices: National Telecommunications and Information Administration: https://www.ntia.gov/sites/default/files/publications/5g_ip_appendices_1-5_0.pdf
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.