vicesociety attacks Levantina, Ingenieria y Construccion
Incident Date:
April 28, 2022
Overview
Title
vicesociety attacks Levantina, Ingenieria y Construccion
Victim
Levantina, Ingenieria y Construccion
Attacker
Vicesociety
Location
First Reported
April 28, 2022
Ransomware Attack on Levantina, Ingenieria y Construcción
Company Profile
Levantina, Ingenieria y Construcción, a prominent Spanish engineering and construction firm, has been actively engaged in significant projects across various sectors. Notably, the company's portfolio includes the construction of a viaduct in Annaba, Algeria, and the development of a building dedicated to the administrative activities of municipalities in the comarca.
Vulnerabilities
The exact vulnerabilities that facilitated the ransomware attack on Levantina, Ingenieria y Construcción remain unspecified. Nonetheless, it is evident that the assault impacted the company's back-end systems, leading to disruptions in online bill payment functionalities. This situation implies potential exploitation of network security weaknesses or software vulnerabilities by the attackers.
Impact
The cyberattack orchestrated by the ransomware group vicesociety resulted in the exfiltration of personal data and necessitated the temporary shutdown of certain infrastructure components. While the company's primary operations in water or wastewater treatment remained unaffected, the breach of personal data poses a significant concern.
Response
In response to the cyber incident, Levantina, Ingenieria y Construcción's IT and security incident response teams have been diligently working with law enforcement and external partners to mitigate the attack's impact and prevent future breaches. Similar to Veolia North America's experience with a ransomware attack, defensive strategies were employed, including the isolation of compromised back-end systems and servers to facilitate recovery processes.
Sources
- Levantina, Ingenieria y Construcción - Access to Annaba - ARGELIA
- Veolia North America and Southern Water hit by ransomware attacks, data breach concerns arise
- Hackers stole data from multiple electric utilities in recent ransomware attack on a US government contractor
- Water facility operator says ransomware attack affected North America division
- One of the world’s biggest operators of water and wastewater systems dealt with a ransomware attack last week that affected its operations in North America
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.