Tipalti, a prominent payments processor, is currently investigating a ransomware attack potentially linked to the AlphV or BlackCat ransomware-as-a-service operation and its affiliates, including Scattered Spider. This group has been associated with several high-profile attacks recently, targeting major companies like MGM Resorts, Caesars Entertainment, Clorox, Fidelity National Financial, Five Guys, Estée Lauder, and NCR.
Microsoft threat researchers, in late October, categorized the threat group behind these identity-based cyberattacks as one of the most significant financial criminal groups currently active. The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory in mid-November about Scattered Spider, urging victims to promptly report attacks and share information with authorities.
According to information from AlphV’s leak site, the group claims to have contacted specific Tipalti customers, particularly those from whom they have stolen the most data. The group specifically mentioned Roblox, a client of Tipalti, as one of its early targets and has threatened to leak sensitive data unless their extortion demands are met.
However, Roblox has stated that it is not aware of any impact on its systems and has not been approached by any groups claiming responsibility for the attack against Tipalti.
Based in California, Tipalti plays a significant role in the financial sector, assisting over 3,500 customers in making payments that exceed $50 billion annually to more than 4 million suppliers. The investigation into the ransomware attack is ongoing, and its implications for Tipalti’s operations and clients are still being assessed.
Your source for supply chain report news updates: The Supply Chain Report. For international trade insights and tools, head to ADAMftd.com.
#TipaltiCyberattack #RansomwareInvestigation #AlphV #BlackCatRansomware #ScatteredSpider #CyberThreats #MGMResortsBreach #CaesarsCyberAttack #CloroxSecurity #FidelityCyberRisk #FiveGuysBreach #EsteeLauderSecurity #NCRAttack #MicrosoftCybersecurity #CISAAlert #FBIWarning #RobloxDataProtection #FinancialCybersecurity #CybercrimeAwareness
