BlackMatter ransomware rocks Martiniquaise-Bardinet

Founded in 1934, La Martiniquaise-Bardinet is one of the French giants of the wine and spirits sector with more than one billion euros in turnover. The group counts among its brands Porto Cruiz, Duval, William Peel, Poliakov, Saint James… On the night of Monday 6 to Tuesday 7 September last, the company suffered a cyberattack by ransomware claimed by the cybergang BlackMatter. “Following this attack, we immediately lodged a complaint,” explained Donatien Ferrari, group communications manager for La Martiniquaise-Bardinet. Following the complaint filed by the company, an investigation is currently underway.

The origin of this incident has not been confirmed but may well have been triggered after the opening of a phishing email containing a malicious link or attachment that allowed BlackMatter cybercriminals to gain a foothold in the system. information and move sideways. “A few dozen mail servers and internal management, administrative, accounting and human resources were encrypted,” says Donatien Ferrari, specifying that the ransom requested – the amount of which has not been revealed – has not been paid. Furthermore, no contact with cybercriminals was made. Marketron, Iowa Famers and Olympus are among the latest victims of BlackMatter, a cybergang who filled the void left by the disappearance of Darkside.

Investments continue in cybersecurity

Cyber ​​attackers have reportedly managed to get their hands on 30 GB of data including commercial contracts and banking information. The production and logistics systems were not affected, however, according to the group. “All of our backups are daily and internalized. In addition, we use Power i type management systems that are particularly impervious to attack, ”said Donatien Ferrari. Did the lack of cloud back-up weigh on the service recovery time? Difficult to know at this stage but the group assures us “to think about all the options to strengthen its IT systems and to continue to invest in these more strategic subjects than ever. “We are going to take measures to strengthen our architecture and continue to inform our employees about the best practices to follow. We also hope that our complaint will be able, on our small scale, to advance the investigation of these international criminal groups, ”notes Donatien Ferrari.

To face this cyberattack, La Martiniquaise-Bardinet has surrounded itself with several IT security companies including Inquest, a risk management subsidiary created by GM Consultant. “We had taken out cyber insurance which sent us experts,” says Donatien Ferrari. The complete recovery of the IS should take another ten days, or nearly a month necessary since the start of the incident for a return to normal services. A usual delay for this type of problem.