Triten Insurance Targeted by Alphv Ransomware Group

Triten Insurance, a company specializing in auto, home, business, commercial, life & health insurance, employee benefits, and Medicare related insurance products, has been targeted by the ransomware group Alphv. The attack was announced on the group's dark web leak site, indicating that the victim's website has been compromised.

Alphv, also known as BlackCat or Noberus, is a ransomware family that operates as part of Ransomware as a Service (RaaS) operations. The group is known for its highly configurable Rust-driven ransomware, which attempts to evade detection by disabling Windows Defender and removing Microsoft Security Essentials.

Triten Insurance is based in Blountville, Tennessee, and serves customers in Northeast Tennessee and Southwest Virginia, including cities like Bristol, Kingsport, and Johnson City. The company was formed through the merger of Hagerty Hyler Insurance and the Business Insurance Group in 2007.

The attack on Triten Insurance is part of a broader trend of ransomware groups evolving their tactics to include DDoS attacks, contacting victims' customers and partners, and short selling victims' stocks to increase pressure on the victims to pay the ransom.

To mitigate the risks of ransomware attacks, organizations should conduct regular cybersecurity drills, build incident response plans, and implement business contingency plans to minimize the impact on operations. It is also recommended not to pay the ransom, as it supports the operation of ransomware gangs.

Sources

• Triten Insurance Website
• RansomLook: Alphv
• RansomLook: Groups Profiles
• Ransomwatch