Akira, the infamous ransomware gang has extorted over $250 million from businesses globally. It is now blackmailing to leak 46 GBs of data allegedly extorted from the Buffalo Convention Center. The stolen data includes financial information, contracts, employee records, and private data linked to around 1,80,000 people.
What do the experts say?
Resilience director at Gate 15, Ben Taylor has warned that ransomware gangs often boast the amount of data stolen. The alleged figure of 1,80,00 impacted people suggests data retrieved via a third-party provider, exaggerated claims to extort victims, or direct breach of venue systems.
The dark web monitoring firm Breach Sense verified the Buffalo Convention Center data breach. The FBI has classified Akira as a ransomware-as-a-service gang that extorted over $250 million from hundreds of businesses since 2023.
Convention centres have become a lucrative target for hackers
Convention centers, which increasingly act as repository for guest registrations, exhibitor information, payment data, contracts, and operational systems, are facing an escalating cybersecurity issue as a result of the alleged incident.
Ransomware gangs claim that they have gained access to a company in order to obtain leverage for a swift and simple payment. According to Taylor, there are situations in which these assertions are true and some that are not.
Ransomware as double extortion
Additionally, the attack illustrates how contemporary ransomware operations have evolved. “Double extortion” is a common method used by organizations such as Akira. Before encrypting networks, they take confidential files and threaten to reveal the information if payment is not received.
According to Taylor, developments in AI are intensifying the problem by making it simpler to scale and customize phishing campaigns and other cybercrime tactics.
About the victims
Buffalo Convention Center was not the only enterprise to suffer a ransomware attack.
High-case hospital hacks showcase the operational effect of a ransomware attack. According to MGM Resorts, in 2023, a cyberattack leaked personal data linked to millions of guests and impacted hotel operations for days. Another famous enterprise, Caesars Entertainment was also breached and allegedly paid $15 million in ransom to hackers.
The dangers go beyond convention centers. In April, Carnival Corporation was attacked by a gang that claims to have stolen over 8.7 million records such as dates of birth, names, and other personal data.
Read the original article: