Private Equity Is a Tantalizing Target for Ransomware Hackers
Scammers are looking for victims with weak security and deep pockets. Many companies owned by buyout shops fit that bill.
Norm Hullinger was heading into work one day in October when he got a call that his company’s network was acting up. It was no simple glitch. Hackers had started freezing the data of Alphabroder, a sportswear distributor. They wanted more than $3 million to restore it. Grappling with whether to pay, Hullinger, the chief executive officer, embarked on a journey that’s increasingly familiar to law firms, hospitals, and cities that have found themselves on the other end of negotiations with ransomware criminals.
Even as experts raise alarms about the spread and increasing sophistication of such attacks, incursions on companies such as Hullinger’s have remained almost entirely out of the public view. That’s likely because a private equity firm, Littlejohn & Co., owns the business. Since private equity firms rely on their reputations as savvy investors to woo pension funds, wealthy individuals, and other clients, they aren’t keen to publicly admit that they or one of their companies has been hit by a ransomware attack.