Ransomware Attack on Service Public de Wallonie by 8Base
Ransomware Attack on Service Public de Wallonie by 8Base
Victim Overview
The Service Public de Wallonie (SPW) is a public service entity in the Walloon region of Belgium. It serves as the main interface between regional institutions and citizens, implementing policies decided by the Walloon Government within its competencies. With approximately 10,000 employees spread across central and decentralized services, SPW plays a crucial role in implementing regional policies and providing various services to citizens.
Company Profile
The SPW is composed of seven operational directorates, including the Secretariat General, Mobility and Infrastructure, Agriculture, Resources, and Environment, Territoire, Logement, Patrimoine, Énergie, Intérieur et Action Sociale, Économie, Emploi, Recherche, and Finances. It is a key partner for local authorities and is involved in sectors such as education, employment, and social support.
Attack Overview
The cybercrime group 8Base targeted the SPW through a ransomware attack, compromising the victim's website. The attack resulted in the exposure of sensitive information, including invoices, receipts, accounting documents, personal data, certificates, employment contracts, and more. The leaked data was fully published, indicating a serious breach of security. The ransom deadline was set for the 13th of May 2024.
Ransomware Group 8Base
8Base is a ransomware group that has been active since April 2022, targeting small and medium-sized businesses across various sectors. Known for its double-extortion tactics, 8Base encrypts files and steals data, threatening to publicly release it if the ransom is not paid. The group uses ransomware strains like Phobos and is believed to spread via phishing emails, exploit kits, and drive-by downloads.
Company Vulnerabilities
SPW's significant amount of confidential data and its role as a public service entity make it an attractive target for threat actors like 8Base. The exposure of sensitive information highlights the importance of fortified cybersecurity measures to mitigate such threats and protect valuable data.
Sources:
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!