RansomHub Ransomware Attack Exposes 1.8 TB of inLighten's Sensitive Data

Incident Date: Aug 20, 2024

Attack Overview

VICTIM

inLighten

INDUSTRY

Media & Internet

LOCATION

USA

ATTACKER

Ransomhub

FIRST REPORTED

August 20, 2024

Request Removal

RansomHub Ransomware Attack on inLighten

InLighten, a leading provider of digital media solutions, has fallen victim to a ransomware attack orchestrated by the RansomHub group. The attack, discovered on August 21, has resulted in the theft of 1.8 TB of sensitive data from inLighten's network. RansomHub has threatened to publish the stolen data within the next 1-2 days, raising significant concerns for both the company and its clients.

About inLighten

Founded in 1989 and headquartered in Clarence, New York, inLighten specializes in digital signage, interactive kiosks, and multimedia systems. The company serves over 2,000 organizations, including educational institutions, Fortune 500 companies, and various retail and media entities. InLighten is known for its comprehensive suite of services, which includes content creation, management, and distribution through proprietary software and hardware. Their cloud-based Manager interface allows users to monitor network status, upload content, and manage presentations from any web-enabled device.

Attack Overview

The ransomware attack on inLighten has exposed vulnerabilities in the company's network security. RansomHub claims to have obtained 1.8 TB of sensitive data, which they plan to publish imminently. This breach is particularly concerning given inLighten's role in enabling clients to create, schedule, and broadcast content across private networks. The potential data leak could have far-reaching implications for both inLighten and its extensive client base.

About RansomHub

RansomHub is a relatively new ransomware group believed to have roots in Russia. Operating as a Ransomware-as-a-Service (RaaS) group, RansomHub affiliates receive 90% of the ransom money, with the remaining 10% going to the main group. The group has targeted various countries, including the US, Brazil, Indonesia, and Vietnam, with a particular focus on healthcare-related institutions. RansomHub's ransomware strains are written in Golang, a language choice that aligns with recent trends in the ransomware world.

Penetration and Impact

While the exact method of penetration remains unclear, it is likely that RansomHub exploited vulnerabilities in inLighten's network security. The use of Golang in their ransomware strains suggests a sophisticated approach, potentially leveraging advanced techniques to bypass traditional security measures. The impact of this attack is significant, as it not only compromises inLighten's data but also threatens the security and privacy of their clients' information.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.