News & Insights

Ransomware Group Turns to SEC after Victim Denies Payment

What happened?

After a ransomware gang broke into the systems of fintech platform MeredianLink, the gang did something quite unprecedented: they called the regulators, according to a Wall Street Journal article.

Hackers AlphV and Blackcat broke into MeridianLink’s systems, and to pressure the company into meeting ransomware demands, the hackers disclosed the incident to the SEC. After the SEC was notified, MeridianLink acknowledged the hack. The company said that the incident caused minimal business disruption.

This move, which demonstrates cyber criminals’ acute awareness of the regulatory landscape, comes following the SEC’s adoption of rules that will require various enhancements to cybersecurity programs of public companies, including disclosure of materially important cybersecurity incidents to investors within four days of discovering them. The SEC also recently announced that it was doubling the size of its unit responsible for crypto cases and cybercrime, and is expected to finalize the proposed Cybersecurity Risk Management rule for registered investment advisors in the near future.


The SEC continues to increase its focus on cybersecurity, and this is a trend we expect to remain constant, if not heightened, in 2024. If you have questions about cybersecurity best practices, or if your firm needs assistance with essential cyber and data security services like drafting and testing comprehensive cyber and data security policies, phishing prevention training, network penetration testing, vendor due diligence, we can help. Contact us today to learn more.