Ransomware Group: BLACKBASTA

VICTIM NAME: hamptonsecurities[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BLACKBASTA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page for the victim identified as Hampton Securities details a significant data breach affecting the organization, which operates in the financial services sector in Canada. Established in 1996, Hampton Securities describes itself as a leading full-service boutique investment platform. They cater to both retail and institutional clients by providing a wide array of services, including wealth management and capital markets solutions, alongside individualized insurance and estate planning services. As a result of the data breach, the organization reportedly has approximately 500GB of data compromised, which includes sensitive employee information, personal documents of customers, and confidential financial data. The specific nature of the breach and the potential impact on clients are areas of concern given the type of information involved.

The data breach was published on December 4, 2024, to a platform managed by the ransomware group known as Black Basta, indicating a severe risk to the organization’s reputation and client trust. The ransomware leak highlights several types of leaked information, including non-disclosure agreements (NDAs) and various confidentiality documents. The presence of detailed personal and financial information emphasizes the critical nature of the breach. Although no specific employee or customer identifiers were disclosed, the nature of the extracted data poses a significant risk. Visual content from the page showcases screenshots of internal documents, which could further detail the extent of the incident. Stakeholders from all sectors, particularly those in or utilizing financial services, should remain vigilant in light of these developments and the potential implications for personal data security.