The shocking 170GB of data leaked online. Learn more details below.
Yesterday, October 26, a ransomware group “Everest” has shared data belonging to their new victim. This time, one of the world’s biggest sustainable packaging solutions has been targeted. With their 114 locations around the world and 19,600 employees, Huhtamaki’s infrastructure has been paralysed by ransomware virus.
Huhtamaki Group is known for their 100-year history of conducting business, and a strong Nordic heritage. In 2021 alone the group’s net sales totalled EUR 3.6 billion. The group’s parent company Huhtamäki Oyj is listed on Nasdaq Helsinki Ltd.
The Everest ransomware operators have published the files online allegedly because company has refused to pay the ransom. Earlier this month Everest ransomware has also leaked internal files belonging to a financial company Gershon Biegeleisen & Co, as well as a law company Backus, Meyer & Branch, LLP and medical records belonging to MultiCare Home Health.
A huge archive containing Huhtamaki data has been shared on underground hacking forums yesterday. Overall, the uncompressed files weight over 300GB worth of financial, customer, employee and affiliates’ data, as well as various reports, presentations, documentation and even design solutions.
The Kaduu Team has analysed leaked files and have detected that ransomware operators have first left a message in the victim’s infrastructure on January 7, 2022. The text note is stating that cyber criminals have already downloaded all the data from the companies’ servers. The ransomware gang posed a 3-day window for Huhtamaki to contact them, otherwise all the data will be leaked in the dark web.
Has the company been in contact with the cyber criminals or Everest published data online with a big delay? These are the details that remain unclear.
Huhtamaki’s Flexible Packaging has released an official statement about this incident.
Stay up to date with exposed information online. Kaduu with its cyber threat intelligence service offers an affordable insight into the darknet, social media and deep web.