Security News > 2022 > August > New 'Donut Leaks' extortion gang linked to recent ransomware attacks
A new data extortion group named 'Donut Leaks' is linked to recent cyberattacks, including those on Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and multinational construction company Sando.
Strangely, the data for these victims have now appeared on the data leak site for a previously unknown extortion gang known as Donut Leaks.
The data shared on the Donut Leaks site is far more extensive than that shared on the ransomware sites, indicating that this new threat actor was involved in the attacks.
BleepingComputer first learned of the Donut Leaks extortion group from an employee of one of the victims, who told us that the threat actors breached the corporate network to steal data.
It is unknown whether the threat actors deploy ransomware when breaching networks or are simply a data extortion group.
This new extortion group illustrates how stolen data is making it into the hands of multiple groups, with each trying its own methods to extort victims.
News URL
Related news
- Clop ransomware threatens 66 Cleo attack victims with data leak (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)