The REvil ransomware gang, which claims to be auctioning data stolen during the attack, targeted US nuclear weapons contractor Sol Oriens with a cyberattack.
Sol Oriens describes itself as assisting “Defense and Energy Department Organizations, Aerospace Contractors, and Technology Firms in the execution of complex programs.”
The REvil ransomware gang published a list of companies whose data they were auctioning off to the highest bidder last week.
REvil claims to have stolen company data and personnel data, including salary information and social security numbers, from one of the listed organizations, Sol Oriens.
The REvil provided documentation in the form of images of a hiring overview document, payroll records, and a wage report.
The ransomware gang threatened to share “important paperwork and data” with “military agencies of their choice” if Sol Oriens did not pay the hacker’s extortion demands.
The cyberattack in May 2021, according to Sols Oriens, was confirmed.
Sols Oriens reported a cyberattack on their network in May 2021 in a statement released by Javers on Twitter.
“The investigation is ongoing, but we recently determined that an unauthorized individual acquired certain documents from our systems.”
“Those documents are currently under review, and we are working with a third-party technological forensic firm to determine the scope of potential data that may have been involved.”
“We have no current indication that this incident involves client classified or critical security-related information. Once the investigation concludes, we are committed to notifying individuals and entities whose information is involved.”
The inquiry is still underway, but the company has discovered that an unauthorized person obtained papers from its systems.
Those documents are currently being examined, and they are collaborating with a third-party technological forensic organization to evaluate the scope of any compromised information.
They will notify individuals and companies whose information is involved after the investigation is completed.
Also read: SEO poisoning used to backdoor targets with malware
You might also like: JBS ransomware attack: paid $11 million to REvil ransomware