Black Basta Ransomware Targets MGF Sourcing, Threatens Data Leak

Incident Date: Jun 17, 2024

Attack Overview

VICTIM

MGF Sourcing

INDUSTRY

Business Services

LOCATION

USA

ATTACKER

Blackbasta

FIRST REPORTED

June 17, 2024

Request Removal

Ransomware Attack on MGF Sourcing by Black Basta Group

Company Profile: MGF Sourcing

MGF Sourcing, headquartered in Columbus, Ohio, is a prominent player in the global apparel and fashion industry, specializing in sourcing and supply chain management. With a workforce of approximately 459 employees and an annual revenue of $153.7 million, the company excels in providing comprehensive services ranging from product development to logistics. MGF Sourcing's extensive network across countries like China, Hong Kong, and India, among others, positions it as a critical link in the apparel retail sector, particularly for U.S.-based specialty retailers.

Details of the Ransomware Attack

The Black Basta ransomware group has claimed responsibility for a significant cyberattack on MGF Sourcing, alleging the theft of 500 GB of sensitive data, including HR records and financial information. The group has threatened to release the data unless negotiations are initiated within an eight-day deadline. This incident underscores the vulnerabilities even well-established firms face in the digital age.

About Black Basta Ransomware Group

Emerging in early 2022, Black Basta is known for its targeted attacks and double extortion tactics. The group's modus operandi includes spear-phishing, exploiting network vulnerabilities, and lateral movement facilitated by tools like QakBot and Mimikatz. Black Basta's approach not only disrupts operations but also poses a severe threat to data integrity and business continuity.

Potential Vulnerabilities and Attack Vectors

MGF Sourcing's extensive global network and reliance on digital technologies for supply chain management may have exposed it to increased cybersecurity risks. The integration of various IT systems across multiple geographic locations potentially opens up several attack vectors for groups like Black Basta. The company's significant data pools, from design specs to supplier contracts, present lucrative targets for cybercriminals looking to leverage stolen information for ransom.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.