Medusa Ransomware Hits Houston-Based IT Firm Percento Technologies

Incident Date:

August 20, 2024

Overview

Victim

Percento Technologies International

Attacker

Medusa

Location

Houston, USA

Texas, USA

First Reported

August 20, 2024

Medusa Ransomware Group Targets Percento Technologies International

Percento Technologies International, a professional IT services firm based in Houston, Texas, has recently fallen victim to a ransomware attack orchestrated by the Medusa ransomware group. The attackers have threatened to publish the company's data within 8-9 days, providing sample screenshots on their dark web portal as proof of their breach. This incident highlights the increasing threat of ransomware attacks on IT service providers and the critical need for effective cybersecurity measures.

About Percento Technologies International

Founded in 1999, Percento Technologies International specializes in managed IT services and technology solutions for businesses. With a revenue of approximately $5.8 million and a small team of around 12 employees, the company has established itself as a partner for organizations seeking to optimize their IT management and infrastructure. Percento's core offerings include managed IT services, consulting, and migration services, which help businesses in their digital transformation journeys. The firm is recognized for its commitment to creating innovative technology solutions tailored to business leaders.

Attack Overview

The Medusa ransomware group has claimed responsibility for the attack on Percento Technologies International. The group has threatened to publish the company's data within 8-9 days if their demands are not met. The attackers have already provided sample screenshots on their dark web portal as proof of their breach. This attack underscores the growing threat of ransomware attacks on IT service providers, which are often targeted due to their access to sensitive client data and critical IT infrastructure.

About Medusa Ransomware Group

Medusa is a ransomware group that emerged in late 2022 and gained notoriety throughout 2023. Operating as a Ransomware-as-a-Service (RaaS) platform, the group allows affiliates to use its ransomware to launch attacks. Medusa is distinct from other groups like MedusaLocker and has been involved in various high-profile attacks targeting multiple sectors globally. The group's ransomware is designed to kill numerous applications and services to prevent detection and mitigation, and it disables shadow copies to thwart recovery efforts. Medusa's attacks often result in the encryption of critical data and substantial ransom demands.

Potential Vulnerabilities

IT service providers like Percento Technologies International are attractive targets for ransomware groups due to their access to sensitive client data and critical IT infrastructure. The company's reliance on managed IT services, cloud, on-premises, and hybrid systems may have presented vulnerabilities that the Medusa group exploited. The attack on Percento highlights the importance of implementing comprehensive cybersecurity measures to protect against sophisticated ransomware threats.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous and the most financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.