RansomHub attacks Scadea Solutions

Incident Date:

March 11, 2024

World map

Overview

Title

RansomHub attacks Scadea Solutions

Victim

Scadea Solutions

Attacker

Ransomhub

Location

Princeton, USA

New Jersey, USA

First Reported

March 11, 2024

Scadea Solutions Compromised by RansomHub Ransomware Group

Scadea Solutions has reportedly been compromised by the RansomHub ransomware group. The allegedly compromised data includes 30 GB of private email logs and a MYSQL database, including accounts, PII, personal data, and private records. Scadea is a leading provider of low-code development, workflow automation, and AI solutions. Its mission is to revolutionize the way businesses approach digital transformation by empowering them with the tools and expertise they need to thrive in today’s fast-paced and ever-changing digital landscape.

About RansomHub

RansomHub is a relatively new ransomware-as-a-service operation whose darknet site features an index page where all its victims are listed, as well as About and Contact pages. The group claims to be a team of hackers from around the world, motivated by one thing – financial gain. However, the gang does say that it does not allow attacks against certain targets, including CIS, Cuba, North Korea, and China.

RansomHub's Rules

The group also lists a few general rules that it follows, as well as rules for its affiliates. RansomHub does not allow non-profit organizations to be targeted, and nor does it allow “re-attacks” – follow-up attacks on victims who have already paid.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.