Ransomware Attack Hits John W. Brooker & Co., CPAs in Oakland

Incident Date:

August 31, 2024

World map

Overview

Title

Ransomware Attack Hits John W. Brooker & Co., CPAs in Oakland

Victim

John W. Brooker & Co., CPAs

Attacker

Cicada 3301

Location

Oakland, USA

California, USA

First Reported

August 31, 2024

Ransomware Attack on John W. Brooker & Co., CPAs

On August 31, 2024, John W. Brooker & Co., CPAs, a reputable financial advisory firm based in Oakland, California, became the latest victim of a ransomware attack orchestrated by the cybercriminal group Cicada3301. The firm, which has been in operation for over 42 years, specializes in providing comprehensive financial services to medical, dental, and other service-oriented businesses.

Company Profile

John W. Brooker & Co., CPAs is known for its tailored accounting, tax planning, consulting, and financial advisory services. The firm manages approximately $411.67 million in regulatory assets across 540 client accounts, focusing on high-net-worth individuals, charitable organizations, and pension plans. Their expertise in the financial needs of medical and dental practices sets them apart in the industry.

Attack Overview

The ransomware attack targeted the firm's website, https://www.brooker-cpa.com, and resulted in the compromise of 300 units of sensitive data. The attack has raised significant concerns about the security of client information and the firm's ability to maintain its high standards of personalized financial advisory services.

About Cicada3301

Cicada3301 is a relatively new threat actor group that emerged in June 2024. Unlike traditional ransomware groups, Cicada3301 operates as a data broker, focusing on stealing sensitive data and selling it on dark web marketplaces. This approach marks a shift from conventional ransomware tactics to more sustained and long-term damage strategies.

Penetration and Vulnerabilities

While the exact method of penetration remains unclear, it is likely that Cicada3301 exploited vulnerabilities in the firm's cybersecurity infrastructure. Given the firm's focus on high-net-worth clients and sensitive financial data, it presents an attractive target for cybercriminals. The attack underscores the critical need for enhanced cybersecurity measures in financial institutions.

Impact and Implications

The attack on John W. Brooker & Co., CPAs highlights the growing threat of ransomware attacks on financial institutions. The exposure of sensitive client data can lead to severe consequences, including identity theft, financial loss, and reputational damage. The firm must now navigate the challenges of restoring its operations and safeguarding its clients' information.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.