Otto Simon Hit by Cactus Ransomware Group in Major Data Breach

Incident Date: Nov 08, 2024

Attack Overview
Victim: Otto Simon
Industry: Retail
Location: United Kingdom
Attacker: Cactus
First Reported: November 8, 2024

Ransomware Attack on Otto Simon by Cactus Group

Otto Simon, a well-established engineering consultancy and project delivery firm based in Manchester, UK, has recently fallen victim to a ransomware attack orchestrated by the notorious Cactus Ransomware Group. The attack, which came to light on November 8, has resulted in the unauthorized access and potential exposure of 1.9TB of sensitive data, including personally identifiable information (PII).

About Otto Simon

Otto Simon Limited, with a registration number of 04656787, is a prominent player in the engineering consultancy sector. The company, which employs approximately 64 people, has a rich history dating back to 1872. It specializes in providing innovative and cost-effective solutions across various sectors, including emergent technology, chemical processing, and hydrogen applications. Otto Simon's commitment to innovation and practical solutions has positioned it as a notable entity in the industry, having successfully completed over 800 projects globally.

Vulnerabilities and Attack Details

The Cactus Ransomware Group, identified in March 2023, is known for its sophisticated tactics, particularly exploiting vulnerabilities in VPN appliances. Otto Simon's reliance on advanced technological solutions and data-driven operations may have inadvertently exposed it to such vulnerabilities. The attack involved the encryption of data and the threat of leaking sensitive information if the ransom demands were not met. Cactus has already leaked a sample of the data to substantiate its claims, putting Otto Simon in a challenging position to secure its data and mitigate the breach's impact.

About the Cactus Ransomware Group

The Cactus Ransomware Group distinguishes itself through its double-extortion tactics, where it not only encrypts data but also exfiltrates it, threatening to publish the information if the ransom is not paid. The group primarily gains access to networks by exploiting known vulnerabilities in VPN devices and leveraging phishing attacks. Cactus's ability to encrypt its own binary to evade detection and its rapid adaptation to new vulnerabilities make it a formidable threat in the ransomware landscape.
