In Ransomware News, Gang Snitches on Its Victim to the SEC

ransomware news, ransomware, news, SEc,

In ransomware news today, ALPHV ransomware operation snitches to the SEC on its victim for not reporting the attack.

  • The ransomware operation attacked MeridianLink, a publicly traded software company.
  • The hacker group filed a complaint with the SEC after a breakdown in communications regarding payments.

ALPHV/BlackCat ransomware operation filed a complaint with the U.S. Securities and Exchange Commission (SEC) against MeridianLink for not disclosing their cyberattack.

They accuse MeridianLink, a publicly traded software company, of failing to comply with the SEC’s new four-day rule for disclosing a cyberattack.

There’s petty and then there’s this.

On November 7th, the operation attacked the digital solutions provider and threatened to release allegedly stolen sensitive data unless they paid the ransom within 24 hours. Considering that MeridianLink provides solutions for financial organizations, including banks, credit unions, and mortgage lenders, things could get dangerous quickly.

Following a failure to communicate regarding payment negotiations, the operation took it upon itself to file a complaint with the SEC on its Tips, Complaints, and Referrals page. The group even shared a screenshot on their website of the complaint submission. ALPHV alleges that MeridianLink suffered a “significant breach” but did not disclose it as required by the SEC’s new rules, Form 8-K, under item 1.05.

These new rules are to go into effect on December 15th. So, it is unclear what the repercussions will be for the company now.

MeridianLink responded to’s inquiry with a confirmation of the cyberattack. The company is still determining if any consumer personal information was impacted and pledges to notify affected parties if necessary.

“Upon discovery on the same day, we acted immediately to contain the threat and engaged a team of third-party experts to investigate the incident. Based on our investigation to date, we have identified no evidence of unauthorized access to our production platforms, and the incident has caused minimal business interruption.”

If this proves anything, it’s that cyberattackers are evolving. They are using regulatory bodies like the SEC to exert additional pressure on victims. And subsequently forcing these companies to be honest with their public.

Thomas Barton, senior IR analyst at Integrity360, told Cyber Security Hub, “This highlights the importance of engaging experienced legal and cybersecurity professionals before, during and after an incident who can assist in navigating the complex challenges that such an attack can present.”

I’ve heard of a company exploiting loopholes. But a law-abiding hacker who’s also well-versed in law. It’s a weird combination of scary and impressive. It’s definitely bizarre.

Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Cybersecurity sections to stay informed and up-to-date with our daily articles.