Ransomware Attack Compromises 30GB of Data at Certified Transmission
Incident Date:
August 19, 2024
Overview
Title
Ransomware Attack Compromises 30GB of Data at Certified Transmission
Victim
Certified Transmission
Attacker
Meow
Location
First Reported
August 19, 2024
Ransomware Attack on Certified Transmission by MEOW Group
Certified Transmission, a prominent player in the automotive transmission remanufacturing and repair industry, has fallen victim to a ransomware attack orchestrated by the MEOW group. The attack has compromised over 30 GB of sensitive data, posing significant risks to the company's operational integrity and reputation.
Company Overview
Founded in 1979 and headquartered in Omaha, Nebraska, Certified Transmission specializes in the remanufacturing and wholesale distribution of vehicle transmissions. The company operates two remanufacturing facilities and maintains a network of 15 distributors and 14 retail locations across the United States. With approximately 500 employees, Certified Transmission is known for its high-quality products and exceptional customer service, guided by the principle "The Job Done Right...At The Right Price."
What Sets Certified Transmission Apart
Certified Transmission is distinguished by its commitment to quality and customer satisfaction. The company offers remanufactured transmissions that meet or exceed OEM specifications and provides a comprehensive warranty program, including a nationwide transferable warranty of 5 years or 100,000 miles. This dedication to quality and customer care has earned the company multiple awards, including the Better Business Bureau's National Torch Award for Marketplace Ethics.
Details of the Ransomware Attack
The MEOW ransomware group claims to have exfiltrated over 30 GB of sensitive data from Certified Transmission. The compromised data includes employee information, client details, scanned payment documents, personal data such as dates of birth, driver's license scans, social security numbers, and financial documents. The attackers have showcased sample screenshots of the stolen data on their dark web portal and are marketing it to potential buyers.
About MEOW Ransomware Group
MEOW Ransomware emerged in late 2022 and is associated with the Conti v2 ransomware variant. The group primarily targets organizations in the United States, employing various infection methods such as phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms. MEOW Ransomware is known for posting victim data on their leak site if the ransom is not paid.
Potential Vulnerabilities
Certified Transmission's extensive network and large workforce may have contributed to its vulnerability to ransomware attacks. The company's reliance on digital systems for managing sensitive data, combined with potential weaknesses in cybersecurity measures, could have provided an entry point for the MEOW group. The attack underscores the critical need for enhanced cybersecurity protocols to protect against increasingly sophisticated ransomware threats.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.