SFC Energy Ltd.
On September 24, 2021, the Organization discovered they were victim to a ransomware attack when employees found a message on their workstations “indicating that their computer had been hacked”. An investigation determined the threat actor gained access to the Organization’s network through a vulnerability in Microsoft Exchange. It is believed the threat actor had access to the Organization’s systems for approximately two months. “There are no available logs to identify the threat actor’s specific activity within the … network.” As such, the Organization did not rule out the possibility that data was exfiltrated by the threat actor.