Ransomware Attack on Granville Food Care Limited
Ransomware Attack on Granville Food Care Limited
Company Overview
Granville Food Care Limited, a leading cold storage provider for the food industry in Northern Ireland, has recently fallen victim to a ransomware attack by the threat actor and ransomware group Akira. The company, incorporated in 1974, offers food safety and quality assurance services to the food industry, including food safety training, auditing, consulting, and certification. With a medium-sized company status and a diverse range of directors, Granville Food Care stands out in the industry for its long history and multiple services provided.
Attack Overview
On May 23, 2024, Granville Food Care Limited experienced a data breach that exposed 20GB of sensitive data, potentially compromising client information and impacting the company's operations. The attack was carried out by the ransomware group Akira, known for targeting small to medium-sized businesses across various sectors using double extortion tactics.
Ransomware Group: Akira
Akira is a rapidly growing ransomware family that emerged in March 2023, affiliated with the now-defunct Conti ransomware gang. The group distinguishes itself by using double extortion tactics, unique dark web leak site with a retro interface, and targeting a wide range of organizations with ransom demands ranging from $200,000 to over $4 million.
Vulnerabilities
Granville Food Care Limited's vulnerabilities in being targeted by threat actors like Akira include unauthorized access to VPNs, credential theft, and lateral movement to deploy ransomware. The company's systems may have been penetrated through tools like RClone, FileZilla, and WinSCP for data exfiltration, as well as the deployment of a previously unreported backdoor.
Sources:
Disclaimer
The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources. By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!