Soon after the news about the attack on French insurer AXA, Avaddon cybercrime gang has breached, Acer Finance, a France-based financial consultancy and investment management firm.
Acer Finance offers risk management, financial planning, mutual funds, analysis, and advisory services to individuals, entrepreneurs, and institutional investors.
The Avaddon gang said if the company doesn’t communicate with them and meet their demands in 240 hours the hackers would start leaking the stolen data.
According to the statement published by the group on its leak site, the ransomware gang has stolen confidential clients’ and employees’ information.
“You can congratulate us on the successful attack on the company, we also have about a lot of confidential information of clients, a lot of confidential information of employees, banking, personal correspondence, contracts, agreements, forms of payment, a lot of data from the secretariat, licenses and much more.”
The hackers said Acer Finance will get a decryptor after paying a ransom, and if the company doesn’t they threatened to hit it with a DDoS attack.
To prove their point, the group published some stolen ID cards, contracts, personal documents, and a screenshot of the folders containing stolen files.
Previously, the group has also hacked the Asian branch of Axa and claimed to have stolen three terabytes of data.
It is interesting that because of the increased number of ransomware attacks and large ransoms, just before the attack, Axa announced that in France it would no longer reimburse ransomware payments for its customers.
Also, just before both Avaddon attack took place, the Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) warned of an ongoing Avaddon worldwide ransomware campaign targeting various organizations in the US, UK, France, Germany, China, Italy Brazil, India, France, UAE, and Spain.