The French multinational manufacturing and distribution company Banijay Group SAS was hit by a DoppelPaymer ransomware attack earlier this month and confidential information stolen from the ransomware operator during the incident

Yesterday, Banijay publicly confirmed a cyber incident that resulted in the possible compromise of employee and commercially sensitive data

Banijay became one of the largest, if not the largest, international groups in the audiovisual content production and distribution market for $ 2 billion in July 2020 after acquiring Endemol Shine Group for $ 2 billion

The group now hosts more than 120 production companies in 22 territories and stands behind some of the largest global entertainment brands, including scripted and non-scripted content

Banijay’s list of brands includes MasterChef, Survivor, Big Brother, The Kardashians, Mr Bean, Black Mirror, Extreme Makeover: Home Edition, and Deal or No Deal among many others

“Banijay is currently managing a cyber incident involving pre-existing networks Endemol Shine Group and Endemol Shine International,” the group said

“The company has reason to believe that certain personal information of current and former employees, as well as commercially sensitive information, may have been compromised”

Banijay reported the incident to local authorities in the UK and the Netherlands, where the assets affected by the attack are located

The France-based audiovisual production group has also hired third-party security experts to help investigate the attack

“The global group is currently investigating the situation with independent specialists and has so far reported the problem to the relevant local authorities in the Netherlands and the UK – the areas affected by the incident,” added Banijay

“We continue to take the appropriate measures and are committed to protecting our employees in the past and present So if we discover cases of data collection or misuse, we will contact the data subjects directly “

While Banijay has only disclosed that they suffered a cyber attack and that some of their data may have been compromised, the DoppelPaymer ransomware gang claims to be responsible

As evidence of their involvement in the attack, DoppelPaymer operators shared several documents that were believed to have been stolen from Banijay’s systems This tactic has been adopted by Maze Ransomware as of February 2020

DoppelPaymer also mocks the French manufacturing group by, among other things, pointing out GDPR compliance issues and publishing an internal GDPR compliance document

DoppelPaymer is a ransomware operation that has been known since at least mid-June 2019 to achieve business goals by gaining access to administrator credentials and using them to serve the ransomware payload on all devices after the entire network was compromised

This gang of ransomware is also known for demanding large amounts of ransom as they have been known to encrypt hundreds and even thousands of devices on their victims’ networks

For example, Mexico’s state-owned oil company PEMEX was hit by DoppelPaymer in November 2019 and asked to pay $ 4 million worth of bitcoins as a ransom

DoppelPaymer takes its name from BitPaymer (with whom it shares large chunks of code), but the gang have also added numerous upgrades, including a thread encryption process for faster operation

Big Brother

World news – FI – MasterChef, Big Brother producer of DoppelPaymer ransomware