ALPHV Ransomware Strikes: LoanDepot and Prudential Financial Targeted

 

Recently, Prudential Financial and loanDepot, two Fortune 500 companies were attacked by the ALPHV/Blackcat ransomware gang, which claims responsibility for the breaches. Despite the threat actors still having to prove their claims, the two companies were added to ALPHV's dark web leak site today, which is the first time the threat actors have added them to the dark web leak site. As a result of failed negotiations, ALPHV will be selling the stolen data from loanDepot's network and releasing Prudential's data for free as well. 

There was a data leak on the site of the infamous ALPHV ransomware operator - the BlackCat group - that revealed Prudential Financial and loanDepot as being the targets of the attacks on both firms, as an apparent admission by the group that it had been behind the attacks on these firms. Currently, the group has only added the names to its site, while the actual data has not yet been available. Because negotiations with Prudential Financial broke down, the group will be publishing its database for free for all to see. 

A company representative stated that the company would provide free credit monitoring and identity protection to those affected by the data breach. With roughly 6,000 employees and more than $140 billion in loan servicing in the United States, loanDepot is among the largest nonbank retail mortgage lenders in the U.S. A suspected cybercrime group breached Prudential Financial's network on February 4 and stole employee and contractor data. 

Prudential Financial also revealed on Tuesday that this breach occurred on February 4. Despite Prudential's ongoing investigation of the incident, it has not been determined if the attackers also exfiltrated customer or client data, even though the incident is being assessed in its full scope and impact. With revenue expected to exceed $50 billion in 2023, this Fortune 500 company will rank second in the world for life insurance companies in the U.S. 

They employ more than 40,000 people around the world. As part of the State Department's announcement, rewards of up to $10 million are being offered for tips that could lead to the identification or location of ALPHV gang leaders. 

During the first four months of this gang's activity between November 2021 and March 2022, it was linked to more than 60 breaches around the world, and an additional $5 million reward was offered for information on individuals who were either involved or attempted to be involved in ALPHV ransomware attacks. 

Law enforcement agencies estimate that ALPHV will have received at least $300 million through ransom payments from over 1,000 victims by the end of September 2023, as per the law enforcement agency. The Prudential Financial Corporation (Prudential Financial) filed an 8-K form with the Financial Industry Regulatory Authority (FINRA) last week detailing the incident that occurred. 

Although the company is still investigating the incident, its latest findings were that no sensitive information concerning its customers or clients was compromised. More than 40,000 people work for Prudential every year, and as a result, the company has more than $50 billion in revenues each year, making it one of the world's largest financial services companies. 

As a result of the new information, which comes shortly after the U.S. Upon receiving information that could help identify or locate ALPHV leaders, the State Department offered up to $10 million, with an additional $5 million for information on those who participated (or attempted to participate) in the ALPHV ransomware attack, for information that could lead to that identification. 

One of the most popular and active ransomware groups, next to LockBit, or Cl0p, is ALPHV. It has made headlines across the globe for its activism and popularity. In the latter half of 2021, it became apparent that DarkSide and BlackMatter had merged, possibly after these two companies merged. ALPHV and its affiliates are believed to have extorted hundreds of millions of dollars from its victims during its lifetime.