720-891-1663
Return to the list of client alerts
What if one of your suppliers gets hit by a ransomware attack?
What if the hackers claim to have stolen data?
What if the hackers ask for $50 million in ransom?
Well, in this case, your name might be Apple.
Or Dell or HP or Google or many others.
Some of the other customers of Quanta include
In case you haven’t heard of the hacked company, Quanta, I had not either. They are an original design manufacturer, meaning that they make stuff that that have other companies labels on them.
After not getting anywhere trying to extort Quanta for $50 million, they threatened Apple.
When that did not work, they have started publishing Apple blueprints, leaking information about new, unreleased products and making it easier for people to reverse engineer the products, including competitors.
The hackers are a major Russian hacking group, REvil.
Quanta said that it’s security team is working with outside experts, but that doesn’t help much if trade secrets from a number of large companies have been stolen and will either be posted or sold.
They also said that the ransomware only affected a few servers and they are back to operating normally. If what you mean by normal is that their customers’ proprietary information is now in the hands of criminals, they might want to call that the new normal.
The hackers say that they are continuing to negotiate the return of large quantities of confidential drawings and gigabytes of personal data with several brands.
So here is the important thing. You share data with vendors. You have to trust those vendors to keep that data safe. Depending on what data gets compromised, you will either get sued or get fined or both or more.
Who is on the hook? Did you do the right due diligence? How do you defend yourself from lawsuits. Who gets to pay if there are judgements against you. What is the long term business impact of that data becoming public?
Quanta is a big company (reported to be the second largest contract laptop manufacturer in the world), so hopefully they have lots of insurance.
Of course, insurance does not get your intellectual property back, nor does it put the genie back in the bottle when it comes to company secrets.
More information: