U.K.-based quirky fashion brand French Connection (better known by the tag name FCUK) has reportedly been attacked by the REvil (aka Sodinokibi) ransomware gang. The attack was first reported by The Register, which confirmed that “no evidence” of customer data compromise was found, but that passport and identification card details of its employees, including those of Founder and CEO Stephen Marks, were stolen during the ransomware attack as a “proof-of-breach.”
The REvil group reportedly penetrated the backend servers of FCUK, allowing them to exfiltrate critical insider data before encrypting the systems. Soon after the attack was spotted, the IT team of FCUK sprang into action and suspended all affected systems on their network to contain the damage. The company is working closely with an undisclosed third-party cybersecurity firm to resolve the issue as soon as possible. It also reported the incident to the Information Commissioner’s Office (ICO) as per the regulatory protocol.
Just hours after this incident, Brazilian healthcare company Grupo Fleury announced that it was the victim of a ransomware attack by the same group, REvil. As per The Rio Times, its systems remained offline as the majority of them were blocked in the aftermath of the attack.
REvil Ransomware Gang’s Menace in Q1 2021
Just a day ago, McAfee Labs released its ransomware research and findings from Q1 2021. McAfee detected 1,358 ransomware-related malware families containing signatures of the REvil ransomware group alone. Another interesting fact noted by McAfee’s researchers was that “smaller” ransomware campaigns (i.e., campaigns targeted at smaller companies) declined in Q1, while Ransomware-as-a-Service (RaaS) campaigns targeted and breached larger organizations. In addition, the majority of these victims received a custom-made variant. This highlights the threatening dominance of the REvil group and its flourishing ransomware attack surface across industries.