Longhorn Investments Suffers Ransomware Attack

Overview of the Incident

Longhorn Investments, a prominent direct private lender known for providing short-term acquisition and renovation capital to real estate investors, has recently fallen victim to a ransomware attack orchestrated by the group alphv. This incident was publicly disclosed on a dark web leak site. Longhorn Investments has a significant operational footprint, with activities spanning across major metropolitan areas in Texas, Missouri, Indiana, Tennessee, Alabama, North Carolina, New Mexico, Arkansas, Ohio, and Georgia.

Details of the Ransomware Attack

The ransomware attack occurred on September 15, 2022, severely impacting the company's corporate servers and various operational systems. It is believed that the attackers gained access to sensitive personal information, including dates of birth, social security numbers, addresses, credit information, and details pertaining to real estate transactions.

Response and Mitigation Efforts

In response to the attack, Longhorn Investments has implemented several security measures aimed at mitigating the damage and preventing future incidents. These measures include initiating password resets, enforcing two-factor authentication for all users, and the deployment of advanced endpoint monitoring software. Furthermore, the company has sought the expertise of a leading global cybersecurity firm to enhance its network security posture.

Implications for the Finance Sector

The ransomware attack on Longhorn Investments serves as a stark reminder of the persistent threat landscape within the finance sector. It underscores the necessity for companies in this industry to continuously enhance their cybersecurity defenses through technological investments, staff training, and collaboration with cybersecurity experts. Such proactive measures are crucial for safeguarding against the increasingly sophisticated tactics employed by cybercriminals.

Sources

• Longhorn Investments. "Hard Money Lending Simplified." Retrieved April 10, 2024, from https://www.longhorninvestments.com
• TechTarget. "Publicly disclosed U.S. ransomware attacks database." Retrieved April 10, 2024, from https://www.techtarget.com/searchsecurity/feature/Publicly-disclosed-US-ransomware-attacks-database
• Palo Alto Networks. "Smart investments for getting ahead of ransomware." Retrieved April 10, 2024, from https://www.paloaltonetworks.com/resources/techbriefs/smart-investments-for-getting-ahead-of-ransomware
• Massachusetts Executive Office of Health and Human Services. "Assigned Data Breach Number 28624 - Longhorn III Investments, LLC." Retrieved April 10, 2024, from https://www.mass.gov/doc/assigned-data-breach-number-28624-longhorn-iii-investments-llc/download