Virgin Group, a multi-billion-dollar British conglomerate, has appeared on Cl0p’s dark web blog, which cyber crooks use to announce their latest victims. The company claims only Virgin Red, Virgin Group's rewards club system, not the group itself, is affected.
The Cl0p spree continues, with the ransomware syndicate adding around 30 alleged victims to its leak site on March 23. One of the more prominent names is Virgin, a global venture-capital conglomerate established by Richard Branson, one of the UK’s wealthiest people, with an estimated net worth of around $4 billion.
Virgin Group owns airlines, retail stores, an aerospace business, consumer goods suppliers, travel operators, and other concerns.
According to the Cl0p leak site, the gang believes Virgin’s revenue is $18 billion. Ransomware groups often link ransom demand with the company’s revenue, which sometimes leads to misunderstandings like the one between the LockBit ransomware gang and the British postal service Royal Mail.
Virgin's representative told Cybernews the attack only involved Virgin Red, not the group itself and the exposed files don't pose any risks to customers or employees.
“We were recently contacted by a ransomware group, calling themselves Cl0p, who illegally obtained some Virgin Red files via a cyberattack on our supplier, GoAnywhere. The files in question pose no risk to customers or employees as they contain no personal data,” the company told Cybernews.
Cl0p has added many well-known brands and organizations, such as Shell, Hitachi, Bombardier, Stanford University, Rubrik, and many others.
While some, like Bombardier, told Cybernews the exposed data comes from a 2021 breach, other companies confirmed Cl0p penetrated their defenses, likely with a zero-day bug found on Fortra’s GoAnywhere managed file transfer.
Cl0p ransomware has been around since 2019. The gang has also been at the forefront of the ransomware world, with estimated payouts reaching $500 million in November 2021.
Even though the gang stopped operations following the arrest of its several affiliates in late 2021, Cl0p came back to life earlier this month. Since then, the gang has been on a spree, reportedly adding dozens of victims a day.
For example, on Thursday (March 23), the gang claimed to have attacked around 30 businesses and organizations, with names of Toronto Municipality, Mexican airline Volaris, US-based TV network Gray Television, and others appearing on the gang’s leak site.
Updated on March 24 with a comment from Virgin.
Your email address will not be published. Required fields are markedmarked