White Mountain Backpacks Hit by Rhysida Ransomware Attack

Incident Date: Aug 31, 2024

Attack Overview

VICTIM

White Mountain Backpacks

INDUSTRY

Consumer Services

LOCATION

Australia

ATTACKER

Rhysida

FIRST REPORTED

August 31, 2024

Request Removal

White Mountain Backpacks Targeted by Rhysida Ransomware Group

Company Profile

Located in Preston, Victoria, White Mountain Backpacks has been a staple in the outdoor gear industry for over 30 years. The company focuses on designing and fitting custom internal frame travel packs, hiking packs, and daypacks. Their commitment to comfort and functionality, combined with competitive pricing, has made them a preferred choice for outdoor enthusiasts. The company also offers personalized fitting services and gear repair support, ensuring customer satisfaction and product longevity.

Attack Overview

The Rhysida Ransomware Group has claimed responsibility for the attack on White Mountain Backpacks, threatening to publish the company's data within the next 6-7 days. The attackers have posted sample screenshots of the compromised data on their dark web portal, adding urgency to the situation. This incident highlights the increasing threat of ransomware attacks and the critical need for comprehensive cybersecurity measures.

About Rhysida Ransomware Group

First observed in May 2023, the Rhysida Ransomware Group has quickly made a name for itself by targeting sectors such as education, healthcare, manufacturing, and government. The group employs a double extortion technique, stealing data before encrypting it and threatening to publish it unless a ransom is paid. Rhysida ransomware is written in C++ and uses the ChaCha20 encryption algorithm. The group typically deploys the ransomware through phishing campaigns and leverages valid credentials to establish network connections.

Potential Vulnerabilities

White Mountain Backpacks, like many small to medium-sized enterprises, may have been targeted due to potential vulnerabilities in their cybersecurity infrastructure. The company's reliance on digital operations and customer data makes it an attractive target for ransomware groups. The attack underscores the importance of implementing comprehensive cybersecurity measures, including regular security audits, employee training on phishing threats, and advanced data encryption practices.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.