(817) 767-9400 info@novusitinc.com

Escalating Extortion Tactics by BlackCat Ransomware

The BlackCat Ransomware group has escalated its extortion methods by filing a complaint with the U.S. Securities and Exchange Commission (SEC) against MeridianLink, alleging non-compliance with mandatory cyberattack disclosure regulations.

BlackCat Ransomware’s Strategic Move Against MeridianLink

In a recent development, BlackCat Ransomware listed MeridianLink, a provider of digital solutions for financial institutions, on their data leak site. The group threatened to release stolen data unless a ransom demand was met within 24 hours.

Hackers Utilize SEC Complaint as a Leverage Tool

According to DataBreaches.net, THe BlackCat Ransomware group claimed to have infiltrated MeridianLink’s network, stealing data without encrypting the company’s systems. With an apparent lack of response from MeridianLink to negotiate, the ransomware group resorted to filing an SEC complaint, accusing the company of failing to disclose a cybersecurity incident that potentially affected customer data.

The Ransomware Group’s Direct Communication with the SEC

ALPHV went a step further by submitting a complaint form to the SEC’s Tips, Complaints, and Referrals page, alleging a significant breach at MeridianLink that was not disclosed as per Form 8-K, Item 1.05 requirements.

SEC’s New Cybersecurity Incident Reporting Rules

The SEC recently implemented new rules mandating publicly traded companies to report material cyberattacks. These rules, becoming effective on December 15, 2023, are aimed at ensuring transparency in incidents that could influence investment decisions.

MeridianLink’s Response to the BlackCat Ransomware Cyberattack Allegations

MeridianLink acknowledged the cyberattack, stating they took immediate action to contain the threat and are conducting an investigation with external experts. The company is assessing whether any personal consumer information was compromised and has found no evidence of unauthorized access to its production platforms.

A New Precedent Set by BlackCat Ransomware

In conclusion, the ALPHV/BlackCat Ransomware group’s decision to file an SEC complaint against MeridianLink marks a significant escalation in ransomware extortion tactics. This incident highlights the evolving strategies of cybercriminals and the importance of compliance with cybersecurity regulations.

Contact us to see how we can help with your IT and Security needs.

Like what you read?  Follow us on Facebook, LinkedIn, Instagram, and Mastodon!

blackcat ransomware