Promise Technology Hit by Abyss Ransomware Exposing 1.8TB Data
Incident Date:
October 11, 2024
Overview
Title
Promise Technology Hit by Abyss Ransomware Exposing 1.8TB Data
Victim
Promise Technology Inc.
Attacker
Abyss
Location
First Reported
October 11, 2024
Ransomware Attack on Promise Technology Inc. by Abyss Group
Promise Technology Inc., a leader in the storage solutions industry, has reportedly fallen victim to a ransomware attack orchestrated by the Abyss group. The attackers claim to have exfiltrated approximately 1.8 terabytes of data, highlighting the ongoing threat posed by ransomware to major corporations.
About Promise Technology Inc.
Founded in 1988, Promise Technology Inc. is renowned for its high-performance storage solutions, including Network Attached Storage (NAS) and Storage Area Networks (SAN). The company is a significant player in the global market, with a workforce of around 1,000 employees and operations spanning multiple continents. Promise Technology's innovative products, such as the VTrak and Vess series, are designed to meet the demanding needs of sectors like IT, cloud computing, and video surveillance. Their proprietary SmartBoost™ storage software further distinguishes them by optimizing performance and eliminating bottlenecks.
Vulnerabilities and Attack Overview
Despite its extensive offerings, Promise Technology's vast data assets make it an attractive target for cybercriminals. The Abyss ransomware group, known for targeting VMware ESXi environments, has exploited these vulnerabilities. The specifics of how the group penetrated Promise Technology's systems remain undisclosed, but the attack underscores the importance of securing storage infrastructure against sophisticated threats.
About the Abyss Ransomware Group
The Abyss ransomware group emerged in March 2023, distinguishing itself through multi-extortion tactics and a focus on VMware ESXi environments. They operate a TOR-based website to list victims and exfiltrated data, pressuring companies to comply with their demands. The group's operations have evolved from earlier variants, including a Windows version observed in 2019. Their ability to adapt and target various industries, including technology and manufacturing, makes them a formidable threat.
Potential Impact and Industry Implications
The breach at Promise Technology Inc. highlights the persistent risk ransomware poses to companies with significant data assets. As a leader in storage solutions, the impact on Promise Technology's operations and clients could be substantial, though details remain undisclosed. This incident serves as a reminder of the critical need for effective cybersecurity measures in the storage solutions sector.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.