Brokk Hacked by Play Ransomware Gang, Data Threatened with Leak

Severity: Medium (Score: 58.0)

Sources: Scworld, Cybernews

Summary

Brokk, a Swedish manufacturer of remote-controlled demolition machinery, was allegedly hacked by the Play ransomware gang, which is linked to Russia. The gang has threatened to leak a 4GB dataset containing sensitive internal corporate information if their ransom demands are not met. The stolen data reportedly includes financial details, budgets, payroll, IDs, taxes, and client files. Cybernews reported that the legitimacy of the claims has not been independently verified, but the potential reputational damage to Brokk is significant. The Play ransomware gang has been active since 2023, claiming over 1,100 victims, with recent targets including Jamco Aerospace. Brokk has not yet responded to inquiries regarding the breach. The incident highlights the ongoing threat posed by ransomware operations and the risks associated with data breaches. Key Points: • Brokk was allegedly hacked by the Russia-linked Play ransomware gang. • A 4GB dataset containing sensitive corporate data has been threatened with public release. • The Play ransomware gang has claimed over 1,100 victims since its emergence.

Key Entities

• Ransomware (attack_type)
• ADC Aerospace (company)
• Brokk (company)
• Helen Kaminski (company)
• Jamco Aerospace (company)
• Russia (country)
• United Kingdom (country)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)
• Play (ransomware_group)