Ransomware Attack on MRI by Hunters Exposes Sensitive Data and IT Vulnerabilities

Incident Date: Jun 15, 2024

Attack Overview

VICTIM

Manufacturing Resources International, Inc. (MRI)

INDUSTRY

Business Services

LOCATION

USA

ATTACKER

Hunters International

FIRST REPORTED

June 15, 2024

Request Removal

Ransomware Attack on Manufacturing Resources International, Inc. by Hunters

Company Overview

Manufacturing Resources International, Inc. (MRI) is an Atlanta-based company specializing in the design and manufacture of high-performance outdoor and semi-outdoor digital LCD displays. Founded in 2004, MRI has established itself as a leader in the industry with a strong focus on advancing display technology. The company boasts 578 granted patents in the US and several foreign countries. MRI's standout feature is its commitment to delivering the highest performance in display brightness, contrast, and color saturation, guaranteed for 10 years. The company operates a global monitoring and support network to offer remote and on-site service for every display it deploys.

Attack Overview

Hunters, a ransomware group, has claimed responsibility for a cyberattack on MRI. The attack has resulted in the exfiltration of sensitive data, including financial documents, IT data, project information, and screenshots. MRI, with a revenue of $25 million and 392 employees, now faces significant challenges in managing the repercussions of this breach. The attack was disclosed on Hunters' dark web leak site, highlighting the group's focus on data theft rather than encryption.

About Hunters Ransomware Group

Hunters International emerged in the cyber landscape following the disruption of the Hive ransomware group. Unlike Hive, Hunters focuses on stealing data rather than encrypting it. The group has customized Hive's ransomware to enhance simplicity and efficiency, making it easier for operatives to use. Hunters targets a diverse range of sectors, including healthcare, automotive, manufacturing, logistics, financial, educational, and food industries. Their operations have been linked to Nigeria through domain registrations and email addresses associated with the group.

Vulnerabilities and Penetration

MRI's extensive use of advanced technology and global operations may have made it an attractive target for Hunters. The company's reliance on digital systems for monitoring and supporting its displays could have provided multiple entry points for the ransomware group. Additionally, the exfiltration of financial and project-related data suggests that Hunters may have exploited vulnerabilities in MRI's IT infrastructure to gain access to sensitive information.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.