Tommy Club Breached: DarkVault Ransomware Attack
Incident Date:
April 12, 2024
Overview
Title
Tommy Club Breached: DarkVault Ransomware Attack
Victim
Tommy Club
Attacker
DarkVault
Location
First Reported
April 12, 2024
Ransomware Attack on Tommy Club
Victim Profile
The Tommy Club, a charity subscription service supporting Armed Forces veterans, has been targeted in a ransomware attack by the group DarkVault. The club is part of the Royal British Legion Industries (RBLI), a non-profit organization providing various services for veterans, including adapted apartments, nursing care, and employment opportunities through Britain’s Bravest Manufacturing Company (BBMC).The RBLI, which includes the Tommy Club, has a company size of 201-500 employees.
Industry Standing
The company stands out in the Organizations sector for its dedication to supporting veterans in need. By joining the club, individuals directly contribute to providing essential services and employment opportunities for veterans, while also receiving exclusive benefits such as a welcome pack with a Tommy Club card and an exclusive lapel pin.
Vulnerabilities
Given the nature of their work and the sensitive information they handle, organizations like the Tommy Club are often targeted by threat actors. The personal and financial data of their members, as well as the operational continuity of their services, make them attractive targets for ransomware attacks. In this case, the DarkVault group has claimed responsibility for the attack on the Tommy Club, potentially putting the organization's data and operations at risk.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.