Ransomware Attack on Sigmund Espeland AS by 8Base

Incident Date:

May 13, 2024

World map

Overview

Title

Ransomware Attack on Sigmund Espeland AS by 8Base

Victim

Sigmund Espeland AS

Attacker

8base

Location

Årnes, Norway

, Norway

First Reported

May 13, 2024

Ransomware Attack on Sigmund Espeland AS by 8Base

Victim Overview

A Norwegian company specializing in manufacturing high-quality jewelry pieces, Sigmund Espeland AS, was targeted in a cyberattack by the ransomware group 8Base. The company is known for its traditional and modern designs using materials like 18 carat gold and precious stones such as diamonds, sapphires, rubies, and emeralds.

Company Profile

Sigmund Espeland AS is a reputable Norwegian company that produces a wide range of jewelry pieces for women, men, and children. They are recognized for their high-end jewelry line that combines diamonds and precious stones in 18 carat gold.

Standout Feature

The standout feature of the company is their focus on high-quality jewelry products and traditional designs, setting them apart in the industry.

Vulnerabilities

As a medium-sized business specializing in jewelry manufacturing, Sigmund Espeland AS may have been targeted by threat actors due to the valuable nature of their products and the potential for financial gain through ransomware attacks.

Attack Overview

The cyberattack on Sigmund Espeland AS involved the compromise of their website, leading to the exposure of sensitive information. Various types of confidential data, including invoices, receipts, accounting documents, personal data, certificates, employment contracts, and personal files, were compromised. The leaked data was fully published, highlighting the severity of the breach and the risks to privacy and security.

Ransomware Group 8Base

The 8Base ransomware group, active since April 2022, is known for its aggressive tactics and double-extortion strategy. They target small and medium-sized businesses across various sectors, encrypting files and stealing data to pressure victims into paying the ransom. 8Base uses ransomware strains like Phobos and spreads through phishing emails, exploit kits, and drive-by downloads.

Group Distinctions

The ransomware group distinguishes itself through its double-extortion tactics, where they not only encrypt files but also threaten to release stolen data if the ransom is not paid. This approach aims to add pressure on victims by potentially damaging their brand or reputation.

It is believed that 8Base could have penetrated Sigmund Espeland AS's systems through phishing emails, exploit kits, or drive-by downloads, exploiting vulnerabilities in the company's cybersecurity defenses.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.