On Thursday 9th of December 2021, Hellmann Worldwide, an international logistics that handles 16 million shipments per year has disclosed that they experienced a ransomware attack which resulted in Hellmann Worldwide being forced to shut down their systems to contain the spread of the ransomware. Hellmann Worldwide has confirmed that during the forensic investigation that they have conducted, they have discovered evidence of the data being exfiltrated by the ransomware group. Due to the stolen data, clients of Hellmann Worldwide have been targeted by scammers and phishing campaigns using the stolen data.
“Please note that the number of so-called fraudulent calls and mails has generally increased. Whilst communication with Hellmann staff via email and telephone remains safe (inbound and outbound), please make sure that you are actually communicating with a Hellmann employee and beware of fraudulent mails/ calls from suspicious sources, in particular regarding payment transfers, change bank account details or the like.”- Hellmann Worldwide.
The ransomware gang which is responsible for the incident is RansomEXX which published all the stolen data on their leak portal. The stolen data has been totalled to 70.64GB and contains documents, credentials, correspondence, agreements, orders
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.