A cybercriminal group called RansomHub, composed of members of the BlackCat organization, which was previously involved in the hacking of Femsa, started operations in early 2024. These individuals managed to evade FBI raids aimed at dismantling their group. According to a cybersecurity expert, the attack on PCM is just the beginning of a series of planned cyberattacks by RansomHub in the coming months.
The group directly threatened major companies such as Coca-Cola, Bimbo, Walmart Mexico, and Heineken on their website, which has alerted authorities and the companies themselves. Despite having strong cybersecurity systems, these companies are at high risk of being attacked by RansomHub, which already has them in its sights.
Víctor Ruiz, CEO of the cybersecurity company Silikn, warned that after the hack on PCM, sensitive information from the company, as well as data and contracts from Coca-Cola, Bimbo, and Walmart Mexico, has been exposed. The access obtained to PCM's credentials endangers other mentioned companies, as cybercriminals could send emails with malware or ransomware to their systems.
Ruiz explained that a cybercriminal could impersonate an employee of PCM and send an infected file to Coca-Cola, Bimbo, or their clients, which could result in the inadvertent installation of ransomware on their systems. Additionally, he recalled that RansomHub has previously attacked Femsa, indicating that they may attempt it again.
RansomHub, a group of hackers with connections in Russia and global reach, aims primarily to obtain economic benefits through their cyberattacks.
