Legrand CRM Pty Ltd Targeted in Data Breach by Hunters International

Incident Date: Jun 15, 2024

Attack Overview

VICTIM

Legrand CRM Pty Ltd

INDUSTRY

Software

LOCATION

USA

ATTACKER

Hunters International

FIRST REPORTED

June 15, 2024

Request Removal

Ransomware Attack on Legrand CRM Pty Ltd by Hunters International

Overview of Legrand CRM Pty Ltd

Legrand CRM Pty Ltd, based in North Sydney, New South Wales, specializes in providing Customer Relationship Management (CRM) software solutions. Founded in 2002, the company offers both cloud-based and on-premise CRM systems designed to streamline business processes, enhance customer service, and improve overall efficiency. Despite being a small business with only four employees and two external contract developers, Legrand CRM has made a name for itself by offering practical and intuitive CRM solutions tailored to the needs of small and medium-sized enterprises (SMEs).

Details of the Ransomware Attack

Legrand CRM Pty Ltd recently fell victim to a ransomware attack claimed by the group Hunters International. The attack was publicized on the threat group’s dark web leak site, although the site was inaccessible at the time of writing. The CEO of Legrand CRM confirmed a data breach but clarified that it was not a ransomware attack. The breach involved a small amount of data theft, and some of the stolen files were found to belong to other businesses. The company has contacted the Australian Cyber Security Centre (ACSC) and the Victorian government Cyber Incident Response Service (CIRS) for assistance.

About Hunters International

Hunters International is a ransomware group that emerged following the disruption of the Hive ransomware group. Unlike Hive, Hunters International focuses on stealing data rather than encrypting it. They have customized Hive's ransomware to enhance simplicity and efficiency, making it easier for operatives to use. The group targets a diverse range of sectors, including healthcare, automotive, manufacturing, logistics, financial, educational, and food industries. Their operations have been linked to Nigeria through domain registrations and email addresses.

Potential Vulnerabilities

Legrand CRM's small size and limited resources may have made it an attractive target for threat actors like Hunters International. The company's reliance on external contract developers and the integration of its CRM systems with other business applications could have provided potential entry points for the attackers. Additionally, the misrepresentation of Legrand CRM's size and revenue by the threat group suggests either a deliberate attempt to inflate the attack's significance or a case of mistaken identity with the larger electrical distributor Legrand Australia.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.