Ransomware group ALPHV confirmed today, 5/14/23, that they have allegedly gained access to sensitive corporate and personal data by infiltrating the network of Academy Mortgage Corporation, headquartered in Draper, Utah, with offices around the country, including several throughout the greater Nashville area.
As per a post on their dark web blog, ALPHV has had access to Academy Mortgage Corporation's data for "a long time" and plans to leak this data in 2-3 days unless the victim mortgage company successfully negotiates otherwise.
At the time of this writing, we are not sure how the group gained access to the data; however, in most cases of cybercrime, the point of entry is not brute force through perimeter defense, but rather a sophisticated form of social engineering via phishing, spoofing, or fraudulent software installations.
If you work for or have done business with Academy Mortgage Corporation:
- Change passwords to any sensitive systems.
- Turn on multi-factor authentication wherever possible.
- Monitor credit usage for fraud.
- Ensure fully patched and up-to-date computing systems and software.
- Report any suspicious activity immediately.
Ransomware is an especially dangerous type of software that spreads throughout a network and encrypts any system it accesses. Files are typically uploaded to the hackers' servers and held "hostage" until the victim performs certain actions (typically paying the hackers with cryptocurrency).
Hacks like this one can cause devastating harm to companies and their community of customers and business partners, not to mention the extremely high cost of reactive recoveries.
If you, or anyone you know, would like a bit of guidance on proactive cybersecurity and business continuity planning for your business, please contact Scalable Business Technologies at any time.