#Privacy: Canadian construction company struck by MAZE ransomware

The Toronto-based company Bird Construction that won military and government contractions, has been hit by a ransomware attack. 

The threat group behind the attack, MAZE, have claimed to have successfully stolen 60GB of data from the company. 

“Bird Construction responded to a cyber incident that resulted in the encryption of company files,” wrote a Bird Construction company spokesperson in an email to CBC. “Bird continued to function with no business impact, and we worked with leading cyber security experts to restore access to the affected files.”

The company has not revealed whether they have paid the attackers, however MAZE has become well known for publicly shaming their victims until they pay the ransom. 

Emsisoft threat analyst Brett Callow, told Infosecurity Magazine that MAZE has now published some of the company’s data, to which the files contain documents relating to Suncor and records for a few Bird employees which include their names, phone numbers, home addresses, banking information, tax forms, health numbers, social insurance numbers and drug and alcohol test results – “everything that a criminal would need to steal their identity. And all that info was posted on the clear web where anybody could’ve accessed it,”

“The big question is: what else did MAZE get and did any of the data relate to Bird’s government and military contracts?”

Between 2006 and 2015, the company landed 48 contracts totalling $406 million with Canada’s Department of National Defense. Thus the attack raises concerns about how secure government contracts are. 

“There is no way for a company to know that the data will be deleted after a ransom has been paid. In fact, it probably will not be deleted. Why would a criminal enterprise delete data that they may be able to use or monetize at a later date,”  Callow added.

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.