Ransomware Attack on Richelieu Foods: Hunters International Strikes with Data Theft
Ransomware Attack on Richelieu Foods by Hunters International
Ransomware Attack Details
Richelieu Foods, a company based in the USA, was targeted in a cyberattack by the group Hunters International, who used ransomware to breach their systems. The attackers were able to steal a significant amount of data, totaling 401.3 GB, which included confidential documents, personally identifiable information (PII), financial data, HR records, project details, and more. Although the specific ransom demand was not disclosed, the attackers leaked a sample of the stolen data, revealing company revenue of 303 million USD and a total of 610 employees.
Victim Profile
Richelieu Foods, a private brand and contract packing food company founded in 1862, operates in the Manufacturing sector. The company is headquartered in Wheeling, Illinois, and has four manufacturing facilities across the Midwest. Richelieu Foods is known for its commitment to quality and innovation, offering a wide range of products including dressings, sauces, frozen, and deli pizza products.
Company Size and Industry Standing
The company has approximately 1,000 employees and reports yearly sales exceeding $500 million. It is one of the largest private-label frozen pizza manufacturers in the US, supplying products to major retailers like Walmart, Aldi, Kroger, and more. The company's focus on quality, service, innovation, efficiency, and manufacturing flexibility sets it apart in the food industry.
Vulnerabilities and Targeting
Richelieu Foods' prominence in the food sector, extensive customer base, and valuable data make it an attractive target for threat actors like Hunters International. The company's commitment to innovation and quality means it likely holds sensitive information that cybercriminals can exploit, and the large-scale operations and financial success of Richelieu Foods make it a lucrative target for ransomware attacks.
Ransomware Group Distinction
Hunters International distinguishes itself by focusing on data theft rather than encryption. This approach allows them to exfiltrate valuable information before encrypting it for ransom, increasing the pressure on victims to pay. The group's customization of ransomware tools for efficiency and simplicity streamlines their operations and enhances their ability to target a wide range of sectors worldwide.
Sources:
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!