Ransomware Attack on Embellir: A Cybersecurity Breach by 8Base

Incident Date: May 20, 2024

Attack Overview

VICTIM

Embellir

INDUSTRY

Retail

LOCATION

France

ATTACKER

8base

FIRST REPORTED

May 20, 2024

Request Removal

Ransomware Attack on Embellir by 8Base

Victim Overview

Embellir, a French company operating in the retail sector, was targeted by the cybercrime group 8Base in a ransomware attack. The company's website, embellir.fr, offers beauty and cosmetic products for sale, catering to customers looking to enhance their appearance. Embellir has locations in several countries, with varying legal entities registered in England, Switzerland, and Australia.

Company Profile

Embellir stands out in the beauty industry as a provider of a wide range of skincare, makeup, haircare, and other beauty products. The company's size ranges from 11-50 employees, with headquarters in Memphis, Tennessee. Despite having multiple entities, specific details about the revenue or standout features of the company matching embellir.fr are not readily available.

Attack Details

During the ransomware attack, 8Base did not make a ransom demand but exfiltrated sensitive data from Embellir. The stolen information includes accounting documents, certificates, confidentiality agreements, employment contracts, invoices, personal data, personal files, receipts, and other critical data. This breach exposed a vast amount of the company's private information, posing a significant threat to its operations and reputation.

Ransomware Group 8Base

8Base is a ransomware group known for its aggressive tactics and double-extortion strategy. They encrypt victims' files and threaten to release stolen data if the ransom is not paid. The group primarily targets small and medium-sized businesses across various sectors, using ransomware strains like Phobos customized with a ".8base" extension. 8Base has gained notoriety for its rapid rise in activities and similarities to other ransomware groups like RansomHouse.

Penetration and Vulnerabilities

It is believed that 8Base penetrated Embellir's systems through phishing emails, exploit kits, or drive-by downloads. The company's vulnerabilities may have stemmed from inadequate cybersecurity measures, lack of employee training on cyber threats, or outdated software systems. The exposure of sensitive data highlights the importance of robust cybersecurity protocols to prevent future attacks.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.