The Everest ransomware group has allegedly targeted EMM Corp, a UK-based manufacturing entity, adding the company to its dark web leak site. The group claims to have exfiltrated over 900GB of sensitive internal data and has started leaking samples as proof of the breach. The published evidence suggests a deep compromise of the company’s network, with the attackers threatening to release the full dataset if their demands are not met within a four-day deadline.
EMM Corp appears to be closely associated with Usha Martin UK Ltd, a prominent manufacturer and distributor of wire ropes with a history dating back to 1989. The company is a significant player in the industrial manufacturing sector. The data allegedly stolen by the Everest group seems to encompass the entirety of the company’s operations, posing a severe risk to its business, employees, and customers. The proof files include detailed financial statements, internal file structures, and highly sensitive employee information.
Among the most alarming files leaked are documents containing system passwords in clear text, detailed profit and loss accounts, cyber insurance application forms, and extensive spreadsheets of employee data, including names, email addresses, and phone numbers. The exposure of such critical information could lead to significant financial and reputational damage for EMM Corp and its affiliates, while also placing its employees at high risk of identity theft and targeted phishing attacks.
The allegedly leaked data includes:
- Personal Data
- Customer Data
- Financial Documents
- Internal Documents
- Contracts
- Invoices
- System Passwords
- HR and Personnel files
