Ransomware Attack on Allen Blasting and Coating, Inc.

Incident Date:

May 14, 2024

World map

Overview

Title

Ransomware Attack on Allen Blasting and Coating, Inc.

Victim

Allen Blasting and Coating, Inc.

Attacker

dAn0n

Location

Wever, USA

Iowa, USA

First Reported

May 14, 2024

Ransomware Attack on Allen Blasting and Coating, Inc.

Victim Profile

Allen Blasting and Coating, Inc. is a premier industrial painting and coating contractor based in Wever, Iowa, with a revenue of $20 million. The company specializes in surface preparation, tank lining, floor toppings, industrial cleaning, ceramic insulations, fireproofing, plant survey, and water blasting services. They operate in the Construction sector and provide services to industries such as oil and gas, marine, and manufacturing.

Industry Standing

The company stands out in the industry for their commitment to providing a safe work environment, quality control, and environmental protection. They focus on delivering high-quality finished products and building lasting relationships with customers through exceptional performance and integrity.

Vulnerabilities

As a company handling sensitive data and operating in the construction sector, Allen Blasting and Coating may be targeted by threat actors due to the valuable information they possess, including financial records, legal documents, employee details, and client data.

Attack Overview

The ransomware group dAn0n targeted Allen Blasting and Coating, Inc. in a severe cyberattack, resulting in the theft of 1 terabyte of data from their website. The stolen information included financial and legal records, sensitive employee and partner information, as well as client data such as personal information, signed contracts, transaction records, and legal details.

Ransomware Group Profile

The dAn0n ransomware group emerged as a significant threat in the cyber landscape, utilizing sophisticated data breach and extortion tactics. They distinguish themselves through various extortion methods, including blackmail, direct extortion, double extortion, cyber insurance extortion, and data leaks. The group poses a high risk to victim organizations' client confidentiality, business operations, and reputation.

Penetration

The ransomware group could have penetrated Allen Blasting and Coating's systems through vulnerabilities in their network security, phishing attacks, or exploiting software weaknesses. The group's communication channels include dan0n.com on the clearnet and a TOR site for anonymous interactions.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.