Tommy Club Breached: DarkVault Ransomware Attack

Incident Date:

April 12, 2024

World map

Overview

Title

Tommy Club Breached: DarkVault Ransomware Attack

Victim

Tommy Club

Attacker

DarkVault

Location

Kent, United Kingdom

, United Kingdom

First Reported

April 12, 2024

Ransomware Attack on Tommy Club

Victim Profile

The Tommy Club, a charity subscription service supporting Armed Forces veterans, has been targeted in a ransomware attack by the group DarkVault. The club is part of the Royal British Legion Industries (RBLI), a non-profit organization providing various services for veterans, including adapted apartments, nursing care, and employment opportunities through Britain’s Bravest Manufacturing Company (BBMC).The RBLI, which includes the Tommy Club, has a company size of 201-500 employees.

Industry Standing

The company stands out in the Organizations sector for its dedication to supporting veterans in need. By joining the club, individuals directly contribute to providing essential services and employment opportunities for veterans, while also receiving exclusive benefits such as a welcome pack with a Tommy Club card and an exclusive lapel pin.

Vulnerabilities

Given the nature of their work and the sensitive information they handle, organizations like the Tommy Club are often targeted by threat actors. The personal and financial data of their members, as well as the operational continuity of their services, make them attractive targets for ransomware attacks. In this case, the DarkVault group has claimed responsibility for the attack on the Tommy Club, potentially putting the organization's data and operations at risk.

Sources:

Tommy Club Website

WatchGuard Technologies - DarkVault Ransomware Tracker

LinkedIn - LockBit Attempt to Rebrand as DarkVault

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.