RansomHub Targets Corient Capital Partners in Ransomware Attack

Overview of the Attack

Corient Capital Partners LLC, a prominent wealth management firm, has become the latest victim of the ransomware group RansomHub. The cybercriminals have claimed responsibility for the attack on their dark web leak site, stating that they have exfiltrated 30 GB of data from the firm's network.

Company Profile: Corient Capital Partners

• Company Size: Corient manages over $164 billion in client assets and employs a team of more than 240 partners.
• Industry Standout: As one of the largest integrated fee-only Registered Investment Advisors (RIAs) in the U.S., Corient is recognized for its comprehensive financial services and commitment to client excellence.
• Revenue: Specific revenue figures are not publicly disclosed, but the firm's substantial assets under management indicate significant operations.

Potential Vulnerabilities

While the specific vulnerabilities that were exploited in this attack are not detailed, firms like Corient with large asset holdings and extensive client information are attractive targets for ransomware groups. The high value of the stolen data can provide leverage for ransom demands, making financial institutions perennial targets for cybercriminals.

Details of the Ransomware Group

RansomHub is a relatively new player in the ransomware arena, known for its Ransomware-as-a-Service (RaaS) model. The group's operations are believed to have roots in Russia, with a typical setup that includes affiliates who carry out the attacks and share the proceeds with the core team.

References

• Corient Official Website
• Bloomberg - Corient Partners LLC Company Profile
• LinkedIn - Corient Private Wealth
• SEC - Corient Capital Partners LLC
• CI Financial Acquisition of Corient
• SOCRadar - Dark Web Profile of RansomHub