"Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach"
A notorious ransomware group has recently filed a complaint with the US Securities and Exchange Commission (SEC) over the failure of a victim to disclose an alleged data breach resulting from an attack conducted by the cybercrime gang itself. The ransomware group known as Alphv/BlackCat has claimed to have breached the systems of MeridianLink, a California-based company that provides digital lending solutions for financial institutions and data verification solutions for consumers. The cybercriminals claim to have stolen a significant amount of customer data and operational information belonging to MeridianLink, and they are threatening to leak it unless a ransom is paid. In an apparent effort to increase its chances of getting paid, the malicious hackers claim to have filed a complaint with the SEC against MeridianLink, accusing the company of failing to disclose the breach within four business days, as required by rules announced by the agency in July. The ransomware gang published screenshots on its leak website on November 15 to show that the complaint has been filed and received by the SEC. This appears to be the first time a ransomware group has filed an SEC complaint against one of its victims.