ragnarlocker attacks Simonson-Lumber

Incident Date:

May 11, 2022

World map



ragnarlocker attacks Simonson-Lumber






St Cloud, USA

Minnesota, USA

First Reported

May 11, 2022

Simonson Lumber Suffers Ransomware Attack

Simonson Lumber, a full-service lumber yard based in Minnesota, has recently fallen victim to a ransomware attack orchestrated by the group known as Ragnarlocker. This incident was disclosed on the group's dark web leak site, highlighting the ongoing cybersecurity threats faced by companies across various sectors. Simonson Lumber has been a cornerstone in the construction industry since 1913, emphasizing the significant impact of such attacks on well-established businesses.

Company Profile

As a locally owned and operated entity, Simonson Lumber provides a wide range of building materials, catering to both stock and special order requirements. The company is renowned for its comprehensive service in building and lumber, including the manufacturing of Mathew Hall Components. With a focus on expert advice, project planning, and support, Simonson Lumber has built a strong rapport with contractors and homeowners alike, underpinning its reputation in the industry.

Vulnerabilities and Impact

The ransomware attack was not the first cybersecurity challenge for Simonson Lumber. An earlier data breach in April 2022 exposed the company's IT environment to unauthorized access, potentially compromising sensitive personal information of employees and consumers. This included a range of data from names and contact details to Social Security numbers, driver's license numbers, and financial account information.

In response to these security incidents, Simonson Lumber undertook several measures to fortify its cybersecurity posture. These included a system-wide password reset, the implementation of enhanced IT system monitoring, and the engagement of a third-party IT forensic expert for a comprehensive investigation. Additionally, the company offered two years of complimentary identity theft protection to those affected, demonstrating a commitment to mitigating the impact on its stakeholders.

Ransomware Group

Ragnarlocker, the group behind the attack on Simonson Lumber, is notorious for its global targeting of organizations, leading to significant personal data breaches. The group's dark web leak site, which is updated three times daily, serves as a grim reminder of the pervasive threat posed by ransomware attacks in today's digital landscape.

The ransomware attack on Simonson Lumber underscores the critical importance of robust cybersecurity defenses for companies in all sectors. Despite proactive measures to enhance system security and privacy, the incident reveals the persistent challenges businesses face in safeguarding against and responding to ransomware threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.