Everest attacks FederalBank/Fedfina.part2

Incident Date: Jul 20, 2022

Attack Overview

Victim: FederalBank/Fedfina.part2
Industry: Finance
Location: India
Attacker: Everest
First Reported: July 20, 2022

Ransomware Attack on Fedfina.part2

The Everest group has claimed a ransomware attack against Fedfina.part2, a financial institution based in Kochi, India. The victim's website is www.fedfina.com. The Everest Ransomware group has issued a data leak threat and demanded a ransom to unlock the systems.

The Everest Ransomware, also known as Everbe, was launched in 2018 and is known for hacking into computer systems, encrypting them, and demanding a ransom to unlock them. The group has threatened to publish 1,130 GB of internal data and delete the decryption key if the company fails to contact them within 48 hours. The data allegedly contains financial documents, personal data, and employee documents.

Fedfina has refused to comment on the matter, and an internal probe has been launched into the incident. The public relations company associated with the financial institution has stated that comments cannot be made without the prior permission of the Reserve Bank.

The Financial Services Sector as a Target

The financial services sector has been a favored target of several high-profile threat groups, with about 40% of ransomware incidents against financial services companies linked to Clop. Other major threat groups, including LockBit, AlphV/BlackCat, Royal, and Black Basta, have also targeted financial services companies.

Financial institutions handle trillions of dollars each day and are highly interconnected, relying on a great deal of technology from third-party vendors. The continued threat of cyber disruption places enormous pressure on these businesses, as they risk systemic damage. In recent months, regulators have been cracking down on cybersecurity compliance, with the Federal Trade Commission amending its Safeguards Rule to require nonbank financial institutions to report any breach involving the data of more than 500 customers. New York State's Department of Financial Services has also taken action, reaching a $1 million settlement with First American Title Insurance over allegations that the company exposed hundreds of customers' data.

The ransomware attack on Fedfina.part2 highlights the ongoing threat of cyber disruption in the financial services sector. The company's vulnerabilities include the handling of sensitive financial data and the reliance on third-party vendors for technology services. The incident underscores the need for robust cybersecurity measures and regulatory oversight to protect against such attacks.
