Connect with us

Hi, what are you looking for?



Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party

Dragos finds no evidence of a data breach after the BlackCat ransomware group claimed to have hacked the security firm via a third party.

Dragos says it has found no evidence of a data breach after a known ransomware group claimed to have hacked the industrial cybersecurity company’s systems through a third party.

“Dragos is asked to reach out within 24 hours, or we will begin the publication of both the facts and the data of executive members. This is the result of a third-party breach,” the cybercrime group known as BlackCat and Alphv wrote on its leak website in a post dated November 11. 

Dragos has launched an investigation, but there is no evidence to date that the hackers’ allegations are true. 

“We are aware of an unsubstantiated claim of a breach of information about Dragos executives purportedly from a third-party compromise,” Dragos said in a statement to SecurityWeek. “While security companies like Dragos are often the subject of repeated false claims, we take the responsibility to protect data very seriously and immediately began an investigation into the claims, utilizing our own internal experts and our external security providers.” 

“We have not been contacted directly by the criminals and our investigation to date has not produced evidence of a compromise of Dragos systems. We will continue to investigate and monitor this situation,” the company clarified.

This is not the first time a ransomware group has made apparently false claims against Dragos. In October, the threat actor behind the RansomedVC operation, which recently announced closing shop, made contradictory and highly confusing claims about hacking Accenture, Colonial Pipeline and Dragos. At the time, the industrial cybersecurity firm described their claims as “obviously false”.

Dragos did confirm in May that a ransomware group had breached its defenses and accessed threat intelligence reports, a SharePoint portal, and a customer support system. 

However, the company said the data breach was limited and an elaborate extortion scheme that included private messages being sent to company executives failed.

Related: ICS Security Firm Dragos Raises $74 Million in Series D Extension

Advertisement. Scroll to continue reading.

Related: New Dragos OT-CERT Provides Free Industrial Cybersecurity Resources

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.


US payments giant NCR has confirmed being targeted in a ransomware attack for which the BlackCat/Alphv group has taken credit.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.