ALPHV Ransomware Gang Targets Alpha Data

Attack on Alpha Data

The ALPHV ransomware gang, also known as BlackCat, has attacked Alpha Data. Alpha Data is a digital transformation solutions and system integration provider headquartered in Abu Dhabi, UAE. ALPHV/BlackCat posted Alpha Data to its data leak site on June 15th.

Threats and Demands

A statement posted on BlackCat’s data leak site reads: “If the management of the ALPHA DATA company does not contact us to protect the data of its customers within 24 hours, all critical data will be used for criminal purposes or published freely. !!! ATTENTION !!! !!! ALPHA DATA NETWORK HAVE A HUGE NUMBER OF VULNERABILITIES !!! !!! COOPERATING WITH ALPHA DATA AND USING THEIR PRODUCTS AND GOODS CAN CAUSE YOUR COMPANY TO BE HACKED AND YOUR CONFIDENTIAL DATA TO BE LEAKED !!! !!! IN THE NEAR FUTURE, ALL CONFIDENTIAL DATA STOLEN FROM ALPHA DATA’S NETWORK WILL BE USED FOR CRIMINAL PURPOSES !!!”

Implications of the Attack

“ALPHA DATA – is one of the most dangerous companies in its field. We thoroughly analyzed the company’s network and its business processes. We have found many vulnerabilities in the company’s security. All of the company’s clients and partners are exposed to a huge risk when using ALPHA DATA’s services and collaborating with this company. A lot of confidential and personal information of clients and partners was stolen from the company, as well as top management personal files:

• Personal information of employees, clients, and partners
• Financial and banking documents of the company and its clients
• Internal business documents, strategic and analytical data
• NDA contracts with clients and partners
• Passport data of employees and clients
• Engineering and technical information about the company’s services with detailed descriptions and drawings
• Top management personal data including passports, plate numbers, contacts
• Company sales data
• Logistics data

ALPHA DATA and its management were fully aware of the attack and the stolen sensitive data from their system. They had every opportunity to contact us to protect the personal and critical data of their customers and partners but did not do so, believing that their customer’s and partners’ data was not worth it.

Final Warning and Consequences

“The management of the ALPHA DATA company fully possesses all information about this incident and is also aware of the vulnerabilities of its equipment and the danger of its use. If the Automatic System management does not contact us within 48 hours to protect their data and preserve the confidentiality of their equipment vulnerabilities, all stolen data of ALPHA DATA will be made publicly available, and vulnerabilities and methods of hacking their network will be sold to interested parties. Also, the personal and financial data of clients and partners will be used for criminal purposes and other activities. At the moment, the situation completely depends on the decision of the ALPHA DATA company.”