Lago Group Hit by RansomHouse: 450GB Data Stolen in Cyber Attack

Incident Date: Jul 26, 2024

Attack Overview
VICTIM
Lago Group Spa
INDUSTRY
Manufacturing
LOCATION
Italy
ATTACKER
Ransomhouse
FIRST REPORTED
July 26, 2024

RansomHouse Ransomware Attack on Lago Group S.p.A.

Overview of Lago Group S.p.A.

Lago Group S.p.A., established in 1968, is an Italian company renowned for its production of a diverse range of baked goods, primarily focusing on confectionery items such as cakes, biscuits, snacks, and wafers. The company emphasizes quality and tradition in its manufacturing processes, offering products that cater to various tastes and dietary needs, including sugar-free options. With annual revenues exceeding €50 million and a workforce of 303 employees, Lago Group has a significant presence in the Italian food industry and exports to more than 80 countries.

Details of the Ransomware Attack

On July 29, 2024, Lago Group S.p.A. fell victim to a ransomware attack orchestrated by the cybercriminal group RansomHouse. The breach led to the exfiltration of 450 GB of data from the company's systems. The specific nature of the compromised data and the full scope of the attack are still under investigation. As of now, details regarding any ransom demands or the actions taken by Lago Group in response to the attack have not been disclosed.

About RansomHouse

RansomHouse is a data extortion group that emerged in late 2021. Unlike traditional ransomware groups, RansomHouse does not encrypt files but instead gains access to corporate networks, steals data, and threatens to leak the stolen data publicly if the victim does not pay a ransom. The group markets itself as a "professional mediators community" aiming to "minimize the damage" and "bring conflicting parties together." However, their actions are still considered an extortion scheme that benefits only the group.

Potential Vulnerabilities and Penetration Methods

RansomHouse has been linked to collaborating with other ransomware groups like White Rabbit and Hive. They use tactics such as exploiting vulnerabilities, stealing data, and maintaining a data leak site to pressure victims into paying. The group has targeted a wide range of industries, with a focus on manufacturing, finance, and small businesses in North America and Europe. Lago Group's reliance on advanced technology alongside traditional craftsmanship may have presented vulnerabilities that RansomHouse exploited to gain access to their systems.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.