Info Data Leak

JG Summit Holdings Hit by Ransomware Attack from RansomHub

kukublanPH

Threat Actor: RansomHub | RansomHub
Victim: JG Summit Holdings | JG Summit Holdings
Price: Not disclosed
Exfiltrated Data Type: 300GB of encrypted data

Key Points :

  • JG Summit Holdings is one of the largest conglomerates in the Philippines.
  • The ransomware attack affected over 40,000 computers within the company’s network.
  • The attackers have set a countdown timer for the conglomerate to meet their demands.
  • RansomHub has threatened further actions, including data shredding, if their demands are not met.
  • The attack has resulted in the encryption of 300GB of data.
  • JG Summit Holdings has not yet released an official statement regarding the attack.
  • The incident underscores the importance of cybersecurity vigilance for companies.

Manila, Philippines – JG Summit Holdings, one of the Philippines’ largest conglomerates, has fallen victim to a ransomware attack orchestrated by the cybercriminal group known as RansomHub. The attack was disclosed through a public webpage set up by the threat actors, detailing their demands and the extent of the breach.

RansomHub has claimed responsibility for encrypting data on more than 40,000 computers within JG Summit’s network. A countdown timer prominently displayed on the ransom note indicates that the conglomerate has just over seven days to meet the demands of the attackers before further actions are taken. As of 7:09 PM on August 7, 2024, the timer reads “7 days, 16 hours, 22 minutes, and 24 seconds.”

In a statement posted on the ransom note, RansomHub expressed their frustration with JG Summit’s lack of communication. The threat actors highlighted that they had been waiting for a response to resolve the issue quietly but were ignored. RansomHub has made it clear that if their demands are not met, they are prepared to carry out additional attacks, including further encryption, data shredding, and the use of secure delete functions to ensure no recovery is possible.

Impact and Response

According to the ransom note, the attack has resulted in the encryption of 300GB of data. The last view of the compromised system was recorded at 7:36 PM on August 7, 2024, indicating ongoing monitoring by the attackers. JG Summit Holdings has yet to release an official statement regarding the attack or their plans for negotiation.

About JG Summit Holdings

JG Summit Holdings, Inc. is a major player in various sectors, including air transportation, banking, food manufacturing, hotels, petrochemicals, power generation, publishing, real estate, property development, and telecommunications. The company reported a revenue of $6 billion, making it a significant target for ransomware attacks.

The incident serves as a stark reminder of the importance of cybersecurity vigilance. Companies are encouraged to regularly update their security protocols, train employees on recognizing phishing attempts, and ensure that data backups are both frequent and secure.

Source: https://kukublanph.data.blog/2024/08/08/jg-summit-holdings-hit-by-ransomware-attack-from-ransomhub/

Tags: PHISHING, IMPACT, BREACH