Ransomware Attack on Service Public de Wallonie by 8Base
Incident Date:
May 13, 2024
Overview
Title
Ransomware Attack on Service Public de Wallonie by 8Base
Victim
Service public de Wallonie
Attacker
8base
Location
First Reported
May 13, 2024
Ransomware Attack on Service Public de Wallonie by 8Base
Victim Overview
The Service Public de Wallonie (SPW) is a public service entity in the Walloon region of Belgium. It serves as the main interface between regional institutions and citizens, implementing policies decided by the Walloon Government within its competencies. With approximately 10,000 employees spread across central and decentralized services, SPW plays a crucial role in implementing regional policies and providing various services to citizens.
Company Profile
The SPW is composed of seven operational directorates, including the Secretariat General, Mobility and Infrastructure, Agriculture, Resources, and Environment, Territoire, Logement, Patrimoine, Énergie, Intérieur et Action Sociale, Économie, Emploi, Recherche, and Finances. It is a key partner for local authorities and is involved in sectors such as education, employment, and social support.
Attack Overview
The cybercrime group 8Base targeted the SPW through a ransomware attack, compromising the victim's website. The attack resulted in the exposure of sensitive information, including invoices, receipts, accounting documents, personal data, certificates, employment contracts, and more. The leaked data was fully published, indicating a serious breach of security. The ransom deadline was set for the 13th of May 2024.
Ransomware Group 8Base
8Base is a ransomware group that has been active since April 2022, targeting small and medium-sized businesses across various sectors. Known for its double-extortion tactics, 8Base encrypts files and steals data, threatening to publicly release it if the ransom is not paid. The group uses ransomware strains like Phobos and is believed to spread via phishing emails, exploit kits, and drive-by downloads.
Company Vulnerabilities
SPW's significant amount of confidential data and its role as a public service entity make it an attractive target for threat actors like 8Base. The exposure of sensitive information highlights the importance of fortified cybersecurity measures to mitigate such threats and protect valuable data.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.