RansomHouse says it breached Trellix and exposes internal systems

https://securityaffairs.com/191879/cyber-crime/ransomhouse-says-it-breached-trellix-and-exposes-internal-systems.html

Publish Date: 2026-05-08 16:34:26

Source Domain: securityaffairs.com

Summary:

The RansomHouse ransomware group has claimed responsibility for breaching cybersecurity firm Trellix. The attackers made their claims public on a Tor data leak site, posting screenshots that indicate access to Trellix’s internal systems. Trellix had initially disclosed an unauthorized intrusion into a part of its source code repository in early May. The firm promptly contacted forensic experts and law enforcement, and no evidence suggested that its source code had been altered or exploited. It remains unclear who executed the breach and how long the attackers had access, but such a compromise potentially exposes sensitive code components, increases the risk of intellectual property theft, and might cause reputational damage or supply chain issues. This incident underscores RansomHouse’s reputation for targeting large organizations globally, focusing on data theft and extortion rather than traditional ransomware attacks.

Key Points:

  • RansomHouse claimed responsibility for breaching cybersecurity firm Trellix, exposing internal systems as evidence.
  • Trellix disclosed a breach that gave access to a part of its source code repository, initiated a forensic investigation, and notified law enforcement.
  • RansomHouse emerged in late 2021 and targets large organizations using data theft and extortion tactics.
  • The breach could expose sensitive logic, APIs, and credentials, and carries risks of intellectual property theft and supply chain compromise.
  • RansomHouse is considered a financially driven criminal organization, with a history of attacking critical infrastructure operators and large organizations globally.