Ransomware Attack on Diatech Lab Line by DonutLeaks Results in 1.2 TB Data Breach

Incident Date: July 17, 2024

Overview

Victim: Diatech Lab Line

Attacker: DonutLeaks

Location: Jesi, Italy

First Reported: July 17, 2024

Ransomware Attack on Diatech Lab Line by DonutLeaks

Overview of Diatech Lab Line

Diatech Lab Line, established in 2011 and based in Jesi, Ancona, Italy, is a prominent distributor of products and reagents for molecular and cellular biology laboratories. As part of the Diatech group, which includes Diatech Pharmacogenetics and BiMind, the company provides comprehensive solutions for molecular biology research. They specialize in advanced tools and reagents for applications such as single-cell RNA and DNA sequencing and gene expression analysis. Collaborating with leading brands like Takara and NanoString, Diatech Lab Line ensures cutting-edge technology for their customers. Their commitment to quality is underscored by certifications such as EN ISO 9001:2015 and EN ISO 13485:2016.

Details of the Ransomware Attack

Diatech Lab Line has recently fallen victim to a ransomware attack orchestrated by the DonutLeaks group. The cybercriminals have reportedly exfiltrated a substantial 1.2 TB of data from the company. This breach has led to Diatech Lab Line being publicly listed as a victim by the DonutLeaks ransomware group, highlighting the severity and scale of the attack. The attack has significant implications for the company, given its critical role in the healthcare services sector and its extensive collaborations with research institutions and laboratories.

About DonutLeaks Ransomware Group

The DonutLeaks ransomware group is a data extortion group first detected in August 2022. They have been linked to several high-profile cyberattacks, including those on DESFA, Sheppard Robson, and Sando. The group uses customized ransomware for double-extortion attacks, encrypting files and leaking stolen data to extort victims. Their ransomware renames encrypted files with the ".d0nut" extension and avoids files and folders containing specific strings. DonutLeaks maintains a data storage site where stolen data is stored and can be browsed and downloaded by visitors. The group is known for its theatrics, using interesting graphics, humor, and ASCII art in their ransom notes and data leak site.

Potential Vulnerabilities

Diatech Lab Line's extensive digital infrastructure and the sensitive nature of the data they handle make them a prime target for ransomware groups like DonutLeaks. The company's focus on providing high-quality products and services to the scientific community means that any disruption can have far-reaching consequences. The attack underscores the importance of robust cybersecurity measures, especially for companies operating in critical sectors like healthcare and molecular biology research.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time tracking of ransomware attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous and the most financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.