The Lynx ransomware group has allegedly targeted Bounds Gillespie Killebrew Tushek Architects (BGKT Architects), a prominent architecture firm based in Memphis, Tennessee, in a recent cyberattack. The US-based firm, which evolved from a longstanding partnership, is known for its extensive experience in hospitality design as well as large-scale commercial, governmental, and institutional projects. The alleged breach highlights the persistent threat that ransomware poses to professional service firms that handle sensitive client and project data.
As proof of the attack, the threat actors have allegedly leaked a significant amount of sensitive data belonging to the firm. The published files appear to contain confidential internal records, employee information, and proprietary project details. The exposure of such critical information could have serious implications for the company, its employees, and its clients. The allegedly leaked data includes:
- Employee payroll registers containing personal and financial details
- Contracts and change orders for multi-million dollar projects
- Confidential architectural blueprints and project plans
- Agreements with clients, contractors, and subcontractors
- Financial documents, including surety bonds and payment consents
