Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Actors, artists, and media have been impacted by the INC Ransom ransomware attack on a major arts festival.
On 17 July, the INC Ransom ransomware operation listed the Venice Biennale as a victim on its darknet leak site.
The Hollywood Reporter discovered the incident after the Biennale reached out to the outlet to inform it that its details were part of the leak.
“In a notification sent to those affected, including journalists at The Hollywood Reporter, festival organisers said the attack occurred on July 7 when unknown individuals accessed and copied documents stored on the Venice festival servers, exposing data such as names, email addresses, phone numbers, mailing addresses, and, for attendees who can claim back VAT on their accreditation fees, tax codes,” the entertainment outlet said in a 6 August news article.
However, that description of the impacted data, as provided to The Hollywood Reporter, fails to mention the scope of the attack as claimed by INC Ransom. According to the original leak post, the hackers got away with 800 gigabytes of data, and a tranche of sample documents was also posted to the darknet leak site at the time.
“Now we know how much the [sic] The Venice Biennale earns, how much money sponsors and other partners transfer to them! We publish only a small part of 800+ gigabytes of data!” INC Ransom said in its leak post.
While much of the sample data consists of spreadsheets relating to sponsor payments and other financial data, there are some significant pieces of personal information, including scans of passports and other identifying documents belonging to prominent performers and artists. One document features the banking and tax details of actor Willem Dafoe. A scan of the actor’s passport is also part of the leaked sample data.
The Venice Biennale has confirmed the incident.
“We discovered the attack on July 7th and immediately disconnected our systems from the external world and informed the Italian police and magistrates,” a Biennale spokesperson told Cyber Daily.
“As soon as we had certainty of exfiltration of specific data, our systems were blocked and did not allow us certainty of analysis for days.”
The Biennale has notified those impacted, and while some disruption was experienced at the time, all services are now back in operation.
The Venice Biennale was formed in 1895 and supports the arts in all its forms, but it is perhaps best known for the Venice International Film Festival, which is regularly attended by cinema royalty. The 82nd festival will run this year from 27 August to 6 September.
INC Ransom was first observed in August 2023 and has claimed 408 victims, including the Biennale.
The gang is known for its spear phishing tactics, which it employs to gain access to its victims, and for using double-extortion techniques, both encrypting the data it steals and then threatening to publish that data online.
It has not published any other data related to the Biennale since its initial leak post.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
