BlackCat/ALPHV Ransomware Victim: VF Corporation

Description

• Since last week, VF Corporation has been involved in negotiations with our team. They’ve been employing a strategy of leaping onto the FBI’s tail and rushing their operation to seize the ALPHV website. We see how that ended. They are the reason the blog went down! We told them we were making a post then suddenly everything happens. VF Corporation pleaded with the FBI for a decryption key, but they couldn’t secure one. They offered significantly less than the asking price, and significantly less than their cyber insurance coverage. Their hope was to keep their balance sheet clean. This shows the critical thinking abilities of their executives. Furthermore, their CISO doesn’t want to pay as well, fine. But anyone listening to a CISO like this who let his company be killed shouldn’t have a job anyway. What kind of balls must you have to give advice after letting this happen, and what kind of brains would you have to listen to such a fool. We have attached their cyber insurance information, notes regarding the incident, and some more goodies. It’s absolutely pathetic how CrowdStrike (We Stop Breaches!) and Mandiant (beta male sells his last name to the highest bidder) were present since Wednesday and the company got brutally attacked on Friday. We expect that there will be damages within the nine figures due to poor management skills on resolving an issue quickly. Data leak information, if any, will follow at a later date. This post will be hidden after 3 days in an effort to reduce speculation, if they decide to pay. However, they have made it clear that they will not continue to engage if we make this post, we don’t care. Your negotiators will learn next time not to waste my time. Investors of VFC, you should investigate this, the leaders of the business are defrauding you. We still have access to plenty of their infrastructure. And to the VFC fools, this is what happens when you listen to negotiation and Incident response ‘experts’ who claim stalling will result in discounts. (They really told them this!!) Sometimes you need to learn by hitting your head on a wall. On their lowball offer, our price increased by 5 million. Subsequently, 24 hours later this blog post has been posted after they reiterated that their 6 figure offer is unchanged. This also raises questions about their primary insurer, Beazley Group, the manager of six Lloyd’s syndicates, who has the capabilities to continue paying out. Given the increase in cyber events in the past months by many actors. If I was a company looking for Cyber Insurance, I would avoid these people like the plague. The negotiators emphasized ‘We are trying to work towards a payment that fits the value of what you are offering to the client’ and further ‘the Client simply will not pay millions of dollars’??? No problem, we don’t want it. They also claim that the client has been able to reestablish key operations. Okay! Let’s wait and see. We are excited to see. VF Corporation’s breach counsel consists of Andrew Serwin from DLA Piper and Ed Trissel from Joele Frank. I have no regrets, do you?