Ransomware Attack on Service Public de Wallonie by 8Base

Incident Date: May 13, 2024

Attack Overview
VICTIM
Service public de Wallonie
INDUSTRY
Government
LOCATION
Belgium
ATTACKER
8base
FIRST REPORTED
May 13, 2024

Ransomware Attack on Service Public de Wallonie by 8Base

Victim Overview

The Service Public de Wallonie (SPW) is a public service entity in the Walloon region of Belgium. It serves as the main interface between regional institutions and citizens, implementing policies decided by the Walloon Government within its competencies. With approximately 10,000 employees spread across central and decentralized services, SPW plays a crucial role in implementing regional policies and providing various services to citizens.

Company Profile

The SPW is composed of seven operational directorates, including the Secretariat General, Mobility and Infrastructure, Agriculture, Resources, and Environment, Territoire, Logement, Patrimoine, Énergie, Intérieur et Action Sociale, Économie, Emploi, Recherche, and Finances. It is a key partner for local authorities and is involved in sectors such as education, employment, and social support.

Attack Overview

The cybercrime group 8Base targeted the SPW through a ransomware attack, compromising the victim's website. The attack resulted in the exposure of sensitive information, including invoices, receipts, accounting documents, personal data, certificates, employment contracts, and more. The leaked data was fully published, indicating a serious breach of security. The ransom deadline was set for the 13th of May 2024.

Ransomware Group 8Base

8Base is a ransomware group that has been active since April 2022, targeting small and medium-sized businesses across various sectors. Known for its double-extortion tactics, 8Base encrypts files and steals data, threatening to publicly release it if the ransom is not paid. The group uses ransomware strains like Phobos and is believed to spread via phishing emails, exploit kits, and drive-by downloads.

Company Vulnerabilities

SPW's significant amount of confidential data and its role as a public service entity make it an attractive target for threat actors like 8Base. The exposure of sensitive information highlights the importance of fortified cybersecurity measures to mitigate such threats and protect valuable data.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.