Jinny's Passion for Beauty Targeted by Blackbasta Ransomware Group

Company Size and Industry Standout

Jinny's Passion for Beauty operates with over 300 branches nationwide, serving nearly 500,000 customers. The company is known for its extensive product offerings, including its own brand and a variety of other well-known brands.

Vulnerabilities and Targeting

The specific vulnerabilities that led to the successful attack by Blackbasta are not detailed in the available information. However, ransomware groups often exploit known vulnerabilities in software, hardware, or network configurations to gain access to a target's systems. In the case of Blackbasta, they have been known to use valid accounts, exposed RDP servers, and FortiOS vulnerabilities CVE-2018-13379 and CVE-2020-12812 to gain initial access to an organization's network.

Impact and Response

The attack on Jinny's Passion for Beauty has resulted in the encryption of files with the ".play" extension, which is associated with the Play Ransomware group. The company has not commented on whether they will pay a ransom to regain access to their systems and data.

Mitigation Strategies

While the specific mitigation strategies employed by Jinny's Passion for Beauty are not mentioned in the available information, it is generally recommended for organizations to implement a multi-layered approach to cybersecurity, including regular software updates, employee training, and the use of security solutions designed to detect and respond to ransomware attacks.

Sources

• Jinny's Passion for Beauty
• Cybersecurity Ventures - Ransomware Report: Latest Attacks And News - Cybercrime Magazine
• FBI - Ransomware
• SOCRadar - Dark Web Profile: Play Ransomware
• CISA - Report Ransomware