Discount is a Canadian car and truck rental company with 300 locations across Canada. Discount recently fell victim to a DarkSide ransomware attack. Following this attack, hackers claim to have stolen 120GB of data from Discount's database. This latest cyberattack has hindered Discount's online services. Another similar firm, Forward Air, was also hit by ransomware at the end of last year and its operations were impeded.
Discount's website went offline due to technical issues, and it seems Discount had a special team to isolate and contain the attack quickly once it was identified. As per reports from IT World Canada, the company's team is investigating the incident and looking forward to fixing it as soon as possible. Meanwhile, customers are being asked to call the number listed on their website for help with their vehicle rentals.
DarkSide ransomware operators have mentioned on their website that they have stolen 120GB of data from Discount. They've warned that the data is preloaded and will get published if the ransom isn't paid. They claim to have stolen data pertaining to finance, banking, marketing, franchise, and account data. DarkSide operators have published a picture of Discount's folder as proof.
DarkSide claims to have donated a part of the ransom it earned to the Children International and The Water Project charities. DarkSide also mentions that it doesn't target education, healthcare, government, and non-profit organizations. It only targets organizations that it views as having good enough revenue to recover after paying the demanded ransom. Although cybersecurity firm Bitdefender released a decryption tool for DarkSide ransomware, it seems the ransomware operators managed to find a workaround, so the tool is no longer helpful for decryption.
The best ways to reduce the chances of becoming a ransomware victim are to keep your systems and applications updated, avoid opening or downloading mail attachments, avoid clicking on email links from unknown senders, and ensure unwanted or malicious applications aren't installed in your network.
These are just the first steps you need to take against ransomware operators; to take your security to the next level, check out our 6 best practices for escaping ransomware attacks.
Companies also need to ensure they have the right tools for patch management and endpoint security management to keep their remote endpoints safe and secured.