Silipos Hit by Ransomware Attack from Cicada3301: Data at Risk

Incident Date: August 5, 2024

Overview

Victim: Silipos

Attacker: Cicada 3301

Location: Niagara Falls, USA; New York, USA

First Reported: August 5, 2024

Ransomware Attack on Silipos by Cicada3301

Silipos, a global leader in gel technology and manufacturing, has recently fallen victim to a ransomware attack orchestrated by the notorious group Cicada3301. This attack has significant implications for Silipos, a company renowned for its innovative silicone-based products in the healthcare and wellness sectors.

Company Overview

Founded in 1989, Silipos specializes in the development and manufacture of silicone gel products aimed at foot care, wound care, and therapeutic needs. The company operates a major production facility in Niagara Falls, New York, and serves over 7,000 customers in 90 countries. Silipos stands out in the industry for its commitment to quality, innovation, and customer service, offering more than 300 products that enhance comfort and protection for users.

Attack Overview

The ransomware group Cicada3301 has claimed responsibility for the attack on Silipos, stating that they have exfiltrated 200 GB of sensitive data. The attackers have threatened to publish this data if the company does not make contact. This breach poses a significant risk to Silipos' reputation and could impact its extensive global operations and customer trust.

About Cicada3301

Cicada3301 emerged as a new threat actor group in June 2024, distinguishing itself from traditional ransomware groups by focusing on data theft and sale rather than encrypting data and demanding ransom. The group operates a leak site where they publish stolen data to pressure victims and attract buyers on dark web marketplaces. Their operations reflect a shift in the cyber threat landscape towards more sustained and long-term exploitation of stolen data.

Cicada 3301

To clarify, the name “Cicada 3301” was originally associated with an online puzzle that gained notoriety between 2012 and 2014. However, the name has since been appropriated by a separate and unrelated ransomware group, which has been the focus of recent reports, including ours.

Halcyon fully respects the legacy of the original “Cicada 3301” organization and recognizes their distinction from the activities of the ransomware group using the same name. Our reporting on the ransomware group is consistent with fair use, aiming to inform the public about cybersecurity threats. For those interested in the original “Cicada 3301” and their official stance on this matter, we encourage you to visit their statement here.

We appreciate your understanding as we strive to maintain clarity and accuracy in our reporting.

Potential Vulnerabilities

Silipos, like many companies in the healthcare sector, handles sensitive data that makes it an attractive target for ransomware groups. The company's extensive global operations and reliance on digital systems for research, development, and customer service could have provided multiple entry points for the attackers. Regular system audits and vigilant monitoring are crucial for protecting against such sophisticated threats.

Impact on Silipos

The ransomware attack on Silipos could have far-reaching consequences, including financial loss, regulatory penalties, and damage to customer trust. The exposure of sensitive data can lead to identity theft, corporate espionage, and long-term operational disruptions. As Silipos navigates this crisis, the focus will be on mitigating the damage and reinforcing its cybersecurity defenses to prevent future attacks.
