Threat Watch

Egregor Strikes Randstand

Randstand, the world’s largest staffing agency, recently fell victim to Egregor Ransomware after their network was accessed and unencrypted files were stolen. Last week a portion of the data that the threat actors behind Egregor stole was published on their leak site. They claimed it was only one percent of what they had, and it included accounting spreadsheets, financial reports, legal documents, and other miscellaneous business documents. Thankfully for Randstand they were able to continue operations without disruption after the attack. More information is being uncovered as Randstand continues their investigation, they are attempting to figure out if personal data of employees and customers was included in the stolen data.

ANALYST NOTES

It is important for companies to have a proper incident response plan in place for when incidents like these happen. It is also advised that a defense-in-depth strategy is used when attempting to prevent these attacks. Analysts in the Security Operations Center at Binary Defense will monitor endpoints on a 24/7 365 basis and quickly respond to any intrusions when they are detected.

Source: https://www.bleepingcomputer.com/news/security/largest-global-staffing-agency-randstad-hit-by-egregor-ransomware/