As DataBreaches.net reported earlier today, although DarkSide ransomware operators claimed to have attacked Brookfield Asset Management, they appear to have attacked Brookfield Residential, a North American land developer and residential home builder. Brookfield Residential is an independently operating portfolio company that runs on an isolated network and domain from all other Brookfield entities, including Brookfield Asset Management. A spokesperson confirmed in a statement to DataBreaches.net that the latter’s network was not involved all in the cyberattack, but that there was unauthorized access to a “limited subset of files” on the Brookfield Residential network.
“We immediately alerted appropriate authorities, restored affected systems and implemented additional security measures. We are proactively reaching out to any individual whose information may have been accessed, but we believe this is limited to internal employees only.”
So far, the threat actors have dumped data in folders labeled Corporate HR, Human Resources, Payroll, Administration, Business Plan, Commercial, Finance, and finan_g.
While DataBreaches.net has not yet examined all the files that were dumped (including payroll files), it is clear that there were employee files dumped that included short-term incentive plan results and amounts. Other correspondence included engagement letters, while yet other files addressed longer-term planning for leadership, indicating which named employees would be ready to assume identified leadership positions within 2-3 years or 1 year, etc.