Ransomware Victim Southwire Sues Maze Operators

Attackers demanded $6 million from the wire and cable manufacturer when they launched a December ransomware campaign.

Southwire, a prominent Georgia-based cable and wire manufacturer, is suing the Maze ransomware operators following a December 2019 attack in which the defendants stole sensitive information and later published it when their demand for ransom went unfulfilled.
Maze ransomware has grown prevalent since it was detected by Malwarebytes researcher Jerome Segura in May 2019. The malware was also
seen
in attacks against the city of Pensacola, Fla., and Allied Universal; when the latter missed its ransom payment deadline, Maze operators published 700MB of stolen information and demanded $2.3 million to decrypt its network.
It seems the same pattern occurred in Mazes attack on Southwire, which resulted in the theft of 120GB of data and encryption of 878 devices, Bleeping Computer
reports
. The operators demanded 850 Bitcoins, or $6 million, in exchange for the information. When Southwire didnt pay, they posted a subset of the companys stolen files on a website they built and controlled.
As a result, Southwire has filed a civil lawsuit in the Northern District of Georgia against the anonymous Maze attackers, referred to in the complaint as John Doe, for injunctive relief and damages under the Computer Fraud and Abuse Act (CFAA) and the common law of trespass to chattels.
According to the
official complaint
, Southwire alleges the defendant wrongfully accessed its computer systems and extracted confidential business data and other sensitive data. Defendant then demanded several million dollars to keep the information private, but after Southwire refused Defendants extortion, Defendant wrongfully posted part of Southwires confidential information on a publicly-accessible website that Defendant controls, it states.
Unless the attackers are directed to cease exposure of this information, the complaint continues, they will likely continue to post more of Southwires stolen data to its website. In doing so, they could potentially cause substantial, imminent, and irreparable harm to the company.
The complaint states Southwire spent far in excess of $5,000 to investigate the incident and remediate the damage Maze has caused and could cause. News of the incident has been spread to harm Southwires reputation and alarm customers and employees, it adds. The defendant violated the CFAA by knowingly and intentionally accessing Southwires protected computers without authorization or in excess of any authorization and thereby obtaining information from the protected computers in a transaction involving an interstate or foreign communication.
On top of its lawsuit against the Maze operators, Southwire is
seeking injunctions
against World Hosting Farm Limited (WHFL), which hosts the attackers website, after demands to remove its confidential data from the Internet went unaddressed, according to TheJournal.ie. The injunction requires WHFL to remove all data related to Southwire and its clients from the website. It also mandates the defendants hand over all the stolen data and that no additional information taken from Southwire be published anywhere else.
Related Content:
6 Traits to Develop for Cybersecurity Success
Cybercrimes Most Lucrative Careers
Rethinking Enterprise Data Defense
CCPA Kickoff: What Businesses Need to Know
Check out
The Edge
, Dark Readings new section for features, threat data, and in-depth perspectives. Todays top story:
SIM Swapping Attacks: What They Are & How to Stop Them
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Ransomware Victim Southwire Sues Maze Operators