The BlackCat/ALPHV Ransomware Attack on Five Guys

The BlackCat/ALPHV ransomware gang posted the popular burger chain Five Guys on its data leak site along with what was purported to be proof of sensitive data exfiltration as part of a Double Extortion scheme to incentivize payment of the ransom demand.

It is assessed that the threat actors may have accessed sensitive company data including banking information and payroll info, as well as recruiting data and other sensitive information. Attackers previously hit Five Guys that exposed employee data and subsequently led to a lawsuit against the fast food chain stemming from financial fraud associated with the data lost in the attack.

Takeaway:

The exfiltration of sensitive data means that even with a robust cyber resilience program and data backups to assist in recovery efforts, organizations face additional risk from the exposure of internal communications, trade secrets, R&D assets, intellectual property, and more, and that risk can extend to other organizations as the valuable information is leveraged in other criminal acts.