Galaxy Broadband Faces Lynx Ransomware Data Breach

Incident Date: Dec 12, 2024

Attack Overview

VICTIM

Galaxy Broadband Communications Inc,

INDUSTRY

Telecommunications

LOCATION

Canada

ATTACKER

Lynx

FIRST REPORTED

December 12, 2024

Request Removal

Galaxy Broadband Communications Inc. Targeted by Lynx Ransomware Group

Galaxy Broadband Communications Inc., a prominent Canadian telecommunications company, has fallen victim to a ransomware attack orchestrated by the Lynx ransomware group. The cybercriminals claim to have exfiltrated 550 GB of sensitive data from the organization, marking a significant breach in the company's cybersecurity defenses.

About Galaxy Broadband Communications Inc.

Established in 1992, Galaxy Broadband Communications Inc. is a leading provider of satellite internet and communication solutions in Canada. The company specializes in delivering high-speed, reliable, and affordable communication services, particularly to remote and hard-to-reach areas. With a focus on industries such as mining, healthcare, education, and logistics, Galaxy Broadband stands out for its robust connectivity solutions utilizing C band and Ku or Ka band technologies. The company also offers private 5G networks powered by Nokia’s carrier-grade platform, enhancing operational efficiency and security for businesses in isolated regions.

Despite its strengths, Galaxy Broadband's reliance on advanced technologies and its role in critical sectors make it an attractive target for cybercriminals. The company's emphasis on affordability and customizability, while beneficial for clients, may also present vulnerabilities that threat actors like the Lynx group can exploit.

Details of the Ransomware Attack

The Lynx ransomware group, known for its aggressive tactics and double extortion methods, has claimed responsibility for the attack on Galaxy Broadband. The group reportedly exfiltrated a substantial amount of data before encrypting the company's files, threatening to leak the stolen information if their ransom demands are not met. This approach not only increases pressure on the victim but also enhances the potential for financial gain for the attackers.

Profile of the Lynx Ransomware Group

Lynx is a relatively new player in the ransomware landscape, having emerged in mid-2024. The group distinguishes itself through its double extortion strategy and operates as a ransomware-as-a-service model, allowing other cybercriminals to utilize its ransomware for a fee. Lynx employs sophisticated encryption algorithms and maintains both clear web and dark web leak sites to coerce victims into paying ransoms. The group's connection to the INC Ransom group, with significant code similarities, highlights the evolving nature of ransomware threats.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.