TG3 Electronics Faces Ransomware Threat from Rhysida Group

Incident Date: Jan 19, 2025

Attack Overview

VICTIM

TG3 Electronics

INDUSTRY

Manufacturing

LOCATION

USA

ATTACKER

Rhysida

FIRST REPORTED

January 19, 2025

Request Removal

Ransomware Attack on TG3 Electronics by Rhysida Group

On January 20, 2025, TG3 Electronics, a prominent player in the manufacturing sector, fell victim to a ransomware attack allegedly orchestrated by the Rhysida group. This incident underscores the persistent threat posed by ransomware actors targeting critical industries.

Company Profile: TG3 Electronics

Founded in 1986, TG3 Electronics is a leading supplier of engineered input solutions based in Kenosha, Wisconsin. The company specializes in designing and manufacturing custom input devices, including keyboards, bump bars, and control panels, for diverse sectors such as medical, healthcare, public safety, and industrial applications. Operating from a 45,000 square foot facility, TG3 Electronics employs approximately 42 people and generates an estimated annual revenue of $8.2 million. Their commitment to quality is evidenced by ISO 9001:2015 and ISO 13485:2016 certifications.

Attack Overview

The Rhysida ransomware group claims to have accessed TG3 Electronics' database, threatening to publish the data within a week. The exact size of the potential data leak remains unknown. This attack highlights the vulnerabilities faced by companies like TG3 Electronics, which handle sensitive data across multiple sectors. The company's reliance on custom solutions and engineering expertise makes it a lucrative target for threat actors seeking to exploit data sensitivity and operational continuity.

Rhysida Ransomware Group

Emerging in May 2023, Rhysida has quickly established itself as a formidable Ransomware-as-a-Service (RaaS) operator. Known for targeting high-value sectors such as healthcare and government, Rhysida employs a double extortion model, demanding ransoms for both data decryption and to prevent public data release. Their tactics include phishing, VPN exploitation, and the use of legitimate system tools to evade detection. Rhysida's operations resemble those of Vice Society, suggesting potential tactical overlap.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.