RansomHub Ransomware Attack on Bench International Exposes 50GB of Sensitive Data

Incident Date: Jul 16, 2024

Attack Overview

VICTIM

Bench International

INDUSTRY

Healthcare Services

LOCATION

USA

ATTACKER

Ransomhub

FIRST REPORTED

July 16, 2024

Request Removal

RansomHub Targets Bench International in Ransomware Attack

Overview of the Attack

Bench International, a leading executive search firm in the life sciences and healthcare sectors, has been targeted by the ransomware group RansomHub. The cybercriminals claim to have accessed 50GB of sensitive data and have threatened to publish it within two days if their demands are not met. This breach underscores the increasing threat of ransomware attacks on prominent organizations.

About Bench International

Founded in 1974 and headquartered in La Jolla, California, Bench International is renowned for its expertise in executive search and leadership consulting within the life sciences and healthcare industries. The firm operates globally with offices in the United States, the United Kingdom, and Switzerland. Bench International is distinguished by its commitment to diversity, boasting a 33% placement rate of leaders from diverse backgrounds. The company has a strong track record with a 98% project completion rate and a 75% retention rate for leaders placed over five years.

Vulnerabilities and Impact

Bench International's extensive network and handling of sensitive client data make it a prime target for ransomware attacks. The breach could significantly impact the firm's operations and reputation, given its role in high-impact leadership placements and strategic advisory services. The potential exposure of confidential data could undermine client trust and lead to financial and legal repercussions.

About RansomHub

RansomHub is a relatively new ransomware group believed to have roots in Russia. Operating as a Ransomware-as-a-Service (RaaS) group, RansomHub affiliates receive 90% of the ransom money, with the remaining 10% going to the main group. The group has targeted various countries and industries, including healthcare. RansomHub's ransomware strains are written in Golang, a trend among recent ransomware strains, which may indicate a shift towards more sophisticated attacks.

Penetration Methods

While the exact method of penetration in the Bench International attack is not disclosed, RansomHub typically exploits vulnerabilities in corporate networks to gain access. The use of Golang in their ransomware strains suggests a focus on evading traditional security measures. The group's strategy of making claims and backing them up with data leaks adds pressure on victims to comply with ransom demands.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.