The Sinobi ransomware group claims to have breached several organizations, updating its extortion portal to include a diverse group of affected companies.
The latest list of alleged victims posted by the group includes:
-
Interpack Northwest (🇺🇸): A broker in the frozen food market specializing in supplying frozen fruit, puree, and juice concentrates to various industries, including beverage and bakery.
-
Summa Energy (🇺🇸): A provider of 24/7 on-site fueling solutions, bulk fueling, tank sales and leasing, and emergency fueling services for industries like transportation and logistics.
-
Teco (🇺🇸): A full-service HVAC and plumbing company serving the Baltimore-Washington and Northern Virginia areas since 2002.
-
McAfee Tool & Die (🇺🇸): A manufacturing company specializing in precision components, engineering, CNC machining, and stamping production.
-
Eco Sound Builders (🇺🇸): A construction firm specializing in crafting high-performance custom homes, net-zero builds, and historic remodels utilizing sustainable building practices.
According to the actor, the incidents involve network encryption and proof of access. Based on the provided screenshots of the compromised networks, the allegedly compromised data includes:
-
Internal company file directories and network shares
-
Financial and accounting records (including QuickBooks data)
-
Client proposals, contracts, and billing information
-
System configurations, server manager details, and security software interfaces
