Khoo and Company Hit by Cicada3301 Ransomware Attack
Ransomware Attack on Khoo and Company, Inc.
Khoo and Company, Inc., a professional services firm based in San Francisco, California, specializing in accounting, tax compliance, and advisory services, has fallen victim to a ransomware attack by the cybercriminal group Cicada3301. The attack, disclosed on August 31, 2024, has compromised 150 units of data from the firm's systems, causing significant operational disruptions.
About Khoo and Company, Inc.
Founded in 2001 by Eng Kuan Khoo, CPA, Khoo and Company, Inc. operates with a small but highly qualified team of tax professionals. The firm offers a comprehensive suite of services aimed at assisting both individuals and businesses in navigating the complexities of U.S. and international tax regulations. Their services include tax preparation, planning, consulting, bookkeeping, financial statement preparation, and business advisory services. The firm is known for its personalized approach, ensuring that each client's unique circumstances are taken into account.
Attack Overview
The ransomware attack by Cicada3301 has compromised sensitive data from Khoo and Company's systems. The breach threatens to undermine the trust and reliability that the firm has built with its clients over the years. The attack has exposed vulnerabilities in the firm's cybersecurity measures, highlighting the need for enhanced defenses against sophisticated cyber threats.
About Cicada3301
Cicada3301 is a new threat actor group that emerged in June 2024. Unlike traditional ransomware groups, Cicada3301 operates as a data broker, focusing on stealing sensitive data and selling it on dark web marketplaces. The group distinguishes itself by leveraging the threat of releasing stolen data to pressure organizations, although its main intent is to profit from selling the data rather than extorting ransom payments directly from the victims.
Penetration and Impact
While the exact method of penetration remains unclear, it is likely that Cicada3301 exploited vulnerabilities in Khoo and Company's cybersecurity infrastructure. The attack has caused significant operational disruptions, posing severe risks to the firm's reputation, financial stability, and client trust. The exposure of sensitive data can lead to identity theft, corporate espionage, regulatory penalties, and loss of customer trust, making the attack's impact particularly harmful and long-lasting.