Academy Mortgage Cyberattack: A Preceding Assault by ALPHV/BlackCat

Before the world watched in shock as the ALPHV/BlackCat ransomware group targeted MGM Resorts and Casinos, another high-stakes cyberattack had already left its mark on a prominent institution. Just a few months prior, Academy Mortgage found itself in the crosshairs of this notorious cybercriminal organization, shedding light on the group’s audacity and evolving tactics.

In this article, we unravel the details of the Academy Mortgage cyberattack, emphasizing the significance of this incident in the larger context of cybersecurity threats.

This cybercriminal organization claims to have infiltrated the Utah-based lender’s network and pilfered a trove of sensitive information, including customer and partner data, personal information, financial records, and internal documents. As the company grapples with this cybersecurity nightmare, the unfolding drama serves as a stark reminder of the ever-growing threat posed by ransomware groups in our digitally connected world. 


The Breach:

The breach, first reported by multiple sources, paints a troubling picture. ALPHV/BlackCat alleges that it had been embedded within Academy Mortgage’s network for an extended period, during which it meticulously studied the organization’s operations. This extensive access allowed the group to compromise a significant amount of confidential data, putting Academy Mortgage’s reputation and financial stability at grave risk.


A Chilling Ultimatum: 

Perhaps most chillingly, Academy Mortgage has taken a principled stance against paying the ransom demanded by the ransomware group. As a result, ALPHV/BlackCat has issued a menacing ultimatum: it threatens to release “high credit scores” and banking information of Academy’s borrowers onto the dark web within a mere 2-3 days. Such a move could have devastating consequences for the affected individuals and further damage the lender’s reputation. 


Background Context:

Academy Mortgage’s predicament is further complicated by its recent legal entanglement. In December, the company settled a significant False Claims Act case with the government for a hefty $38.5 million. ALPHV/BlackCat, seemingly aware of this fact, referenced the settlement on its leak site, insinuating that the lender’s compromised data could be used to inflict more harm on its reputation.


Ransomware Group Profile: 

ALPHV/BlackCat is not a new player in the ransomware game. In fact, in January, the U.S. Department of Health and Human Services issued a warning about the group’s activities, particularly its impact on the U.S. healthcare sector. The group typically gains access to systems by exploiting unpatched, vulnerable software or by using pilfered login credentials. This flexibility enables it to infiltrate various operating systems, making it a formidable threat.


A Word of Caution: 

Amidst this harrowing situation, it’s important to heed the advice of cybersecurity experts and law enforcement agencies. The FBI, for instance, strongly advises companies not to pay ransoms. Paying does not guarantee the safe recovery of data and can inadvertently encourage further attacks, perpetuating this vicious cycle of cybercrime. 

The ransomware threat facing Academy Mortgage is emblematic of the broader cybersecurity challenges confronting businesses and individuals alike in our digitally connected age. It underscores the urgency for organizations to prioritize robust cybersecurity measures, including regular software updates, employee training, and data backup strategies. As Academy Mortgage and others grapple with the fallout of such cyberattacks, the importance of vigilance and resilience in the face of evolving threats cannot be overstated. 

