Ransomware Attack Hits Gortemoller Engineering: Lynx Group Claims

Incident Date: August 29, 2024

Overview

Title: Ransomware Attack Hits Gortemoller Engineering: Lynx Group Claims
Victim: Gortemoller Engineering (gorteng.local)
Attacker: Lynx
Location: Panama City Beach, USA; Florida, USA
First Reported: August 29, 2024

Ransomware Attack on Gortemoller Engineering by Lynx Group

Gortemoller Engineering, Inc. (GE), a civil engineering firm based in Panama City Beach, Florida, has recently fallen victim to a ransomware attack orchestrated by the Lynx group. The attack was publicly claimed by Lynx on their dark web leak site, where they provided sample screenshots as evidence of the breach.

About Gortemoller Engineering

Founded in 2002 by Dexter Gortemoller, Gortemoller Engineering specializes in civil, environmental, industrial, and transportation design. The firm has established itself as a key player in Northwest Florida and Southern Alabama, serving both private entities and local government agencies. Despite its relatively small size, with fewer than 25 employees, GE has completed projects valued at over $157 million and constructed more than 126 miles of roadway. The company is known for its commitment to quality design and strong client relationships.

Details of the Attack

The Lynx ransomware group claims to have infiltrated Gortemoller Engineering's systems, encrypting files and stealing sensitive data. The attackers appended a .LYNX extension to the encrypted files and left a ransom note instructing the company to contact them via TOR. This breach poses significant risks to the confidentiality and integrity of GE's information, potentially impacting their operations and client trust.

About Lynx Ransomware Group

Lynx is a double-extortion ransomware group that emerged in August. They have been actively targeting multiple companies, avoiding sectors like government, healthcare, and non-profits. Lynx distinguishes itself by not only encrypting files but also stealing data to pressure victims into paying the ransom. The group uses sophisticated infiltration techniques, which may include phishing, exploiting vulnerabilities in software, or leveraging weak security protocols.

Potential Vulnerabilities

Gortemoller Engineering's relatively small size and the nature of their operations may have made them an attractive target for Lynx. Smaller firms often have fewer resources to dedicate to cybersecurity, making them more vulnerable to sophisticated attacks. Additionally, the sensitive nature of the data handled by GE, including project plans and client information, increases the potential impact of such breaches.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous and the most financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been made, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.