Accelya, a technology firm providing services to many of the world’s largest airlines, suffered a ransomware attack that impacted some of its systems.
The company managed to “quarantine” the ransomware before it could spread further throughout their system.
However, the AlphV/Black Cat ransomware group published data it allegedly stole from Accelya.
The investigation revealed that there is no evidence to indicate that the malware could have moved laterally from their systems to their customers’ environments.
However, the company went over the data published to the AlphV leak site and notified any customers who had information exposed.
Source: https://therecord.media/major-airline-technology-provider-accelya-attacked-by-ransomware-group/
TPRM report: https://www.rankiteo.com/company/accelya
"id": "acc2056111122",
"linkid": "accelya",
"type": "Ransomware",
"date": "6/2017",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"
{'affected_entities': [{'customers_affected': 'Customers whose information was '
'exposed',
'industry': 'Aviation Technology',
'name': 'Accelya',
'type': 'Technology Firm'}],
'attack_vector': 'Ransomware',
'customer_advisories': 'Notified customers whose information was exposed',
'data_breach': {'data_exfiltration': 'Data published to AlphV leak site',
'type_of_data_compromised': 'Customer Information'},
'description': 'Accelya, a technology firm providing services to many of the '
'world’s largest airlines, suffered a ransomware attack that '
'impacted some of its systems. The company managed to '
"'quarantine' the ransomware before it could spread further "
'throughout their system. However, the AlphV/Black Cat '
'ransomware group published data it allegedly stole from '
'Accelya. The investigation revealed that there is no evidence '
'to indicate that the malware could have moved laterally from '
'their systems to their customers’ environments. However, the '
'company went over the data published to the AlphV leak site '
'and notified any customers who had information exposed.',
'impact': {'data_compromised': 'Customer Information'},
'initial_access_broker': {'data_sold_on_dark_web': 'Data published to AlphV '
'leak site'},
'investigation_status': 'Ongoing',
'motivation': 'Data Theft and Ransom',
'ransomware': {'data_exfiltration': 'Data published to AlphV leak site',
'ransomware_strain': 'AlphV/Black Cat'},
'response': {'communication_strategy': 'Notified customers whose information '
'was exposed',
'containment_measures': 'Quarantine the ransomware'},
'threat_actor': 'AlphV/Black Cat ransomware group',
'title': 'Accelya Ransomware Attack',
'type': 'Ransomware Attack'}