As a consequence of a ransomware attack, Atalanta, a North American food importer, has acknowledged a data breach compromising workers’ personal information. Atalanta released a statement on Wednesday (December 8) detailing its incident response since the late July attack.
Atalanta discovered malicious behavior on their network on July 25, 2021, including the encryption of some computers. When Atalanta learned of the negative behavior, it promptly contacted third-party experts and began remediating the problem, which included performing a forensic investigation into the occurrence.
As a result of the incident, the forensic investigation determined that specific information about Atalanta’s current and past workers, as well as certain visitors, was accessed and collected. There has been no sign of any abuse of the material thus far.
Atalanta further explained that it acted immediately to investigate and identify the individuals whose information could have been compromised and put in place additional security measures to protect its systems and processes.
The firm, which is North America’s biggest privately held specialty food importer, also provided broad information on services that might assist people in protecting themselves from identity theft in circumstances when their personal information has been compromised.
Several key concerns remain unanswered in Atalanta’s statement, including how many records were leaked and what personal information was disclosed. Questions concerning how the attack transpired in the first place, as well as which ransomware strain was used in the attack, arise.
Ransomware attacks against businesses are becoming more widespread because of the easy profits they provide to attackers, even if only a small percentage of victims pay for decryption keys. Nowadays, ransomware gangs threaten to reveal samples of stolen data via data leak sites if victims refuse to pay their outrageous demands.