The notorious 8Base ransomware group made its mark once again, but for all the wrong reasons. The Bahamas Medical & Surgical Supplies breach, taking place on August 24, 2023, at 06:28 UTC +3, brings into sharp focus the vulnerabilities yet again. The Bahamas Medical & Surgical Supplies breach unfolded via a dark web post today.
The threat actors have also shared a deadline before the data gets published. According to the threat actor post, they will publish the company data on August 31, 2023.
What caused the Bahamas Medical & Surgical Supplies breach?
While the exact reasons for the Bahamas Medical & Surgical Supplies breach are unknown, the 8 Base ransomware group have a history of claiming random victims, and that too in various sectors, industries, and regions. The 8Base ransomware group targeted Bahamas Medical & Surgical Supplies without any explicit reason.
Moreover, the 8 Base ransomware group shared a list of documents and files they claim to have been “uploaded to the servers.”
These files and folders include crucial information about the company, such as invoices, receipts, accounting documents, personal data, certificates, employment contracts, a huge amount of confidential information, confidentiality agreements, personal files of patients, and other important documents.
The Cyber Express has reached out to the company to learn more about the Bahamas Medical & Surgical Supplies breach. However, at the time of writing this, no official response or statement has been received, leaving the exact claims of the cyber attack unverified.
Who is the 8Base ransomware group?
The 8Base ransomware group, a relatively new but audacious player in the realm of cyber threats, has been active since early 2022. The threat actor has gained notoriety for employing a double-extortion strategy, which involves a dual threat to victims.
This group’s approach entails a menacing ultimatum. Unless a ransom is paid, they will encrypt the victim’s files and make them public, aiming to exploit sensitive information and tarnish the victim’s reputation.
The deliberate intention is to compel victims into compliance by leveraging the fear of reputational harm alongside data loss. This type of “double-extortion” technique has become increasingly prevalent in modern ransomware attacks.
By combining data encryption with the threat of exposure, ransomware groups like 8Base are intensifying pressure on their targets, pushing them toward meeting their monetary demands.
The 8Base ransomware is suspected to propagate through two primary channels. The first is using phishing emails where the threat actor uses deceptive emails to spread the ransomware.
These emails likely carry malicious attachments or links that, when interacted with, allow the ransomware to gain a foothold in the victim’s system. The second method is using exploit kits. These kits capitalize on vulnerabilities in software or operating systems to initiate unauthorized access. Once a vulnerability is identified, the ransomware is deployed, potentially leading to file encryption and subsequent extortion.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.