McAlvain Construction Company Targeted by Cactus Ransomware Group

Company Profile

McAlvain, a construction company that specializes in large-scale projects in Idaho, recently fell victim to an attack by the Cactus ransomware group. The company, renowned in the construction sector for its expertise in concrete services, safety, quality, productivity, and innovative leadership, confirmed the incident. McAlvain Companies, Inc., headquartered in Boise, Idaho, operates in the construction industry. According to LinkedIn, the company has a workforce ranging from 201 to 500 employees.

Vulnerabilities and Impact

The Cactus ransomware group, which first surfaced in March 2023, has been responsible for 18 confirmed attacks so far, including the one on McAlvain. The ransomware disables functions and applications, adds registry entries, files, and programs, and encrypts data with the file extension ".id-[id].[email].brrr". The attack on McAlvain is part of a broader trend of ransomware targeting various industries, with the ransom demanded often varying depending on the size and significance of the victim.

Response and Mitigation

Te extent of the damage or the measures the company have taken to mitigate the impact of the attack has not been disclosed by them. However, it is crucial for companies, such as McAlvain Construction Company, to have robust cybersecurity measures in place, including regular backups, security software, and employee training, to reduce the risk of ransomware attacks.

Sources

• McAlvain | Expert Large-Scale Construction in Idaho
• Construction company McAlvain confirms data breach that exposed SSNs and other employee info
• Live Ransomware Updates - Ransom-DB
• THREAT ALERT: INC Ransomware - Cybereason
• Daily Dark Web on X: "The New Ransomware Victim of CACTUS"
• Ransomware Attacks and Types – How Encryption Trojans Differ