Blume Global, Inc. confirms data breach after malware attack. It reported data breach with the Office of the Vermont Attorney General. The breach leaked highly sensitive information belonging to those affected by the incident. Blume Global sent out data breach letters to all affected parties.

Blume Global Inc., a U.S.-based supply chain technology provider, fell victim to an AvosLocker ransomware attack in 2022, allegedly linked to Russian cybercriminals. The attackers exploited system vulnerabilities, disrupting access to the company’s asset management platform, compromising critical systems and data. The breach forced Blume Global to initiate an emergency internal investigation while collaborating with cyber forensic experts to assess the extent of the damage and implement mitigation strategies. The incident underscored persistent vulnerabilities in supply chain technology, particularly amid global disruptions. While the company acted swiftly to contain the attack, the operational impact was severe, potentially affecting logistics, data integrity, and client trust. The involvement of ransomware suggests data encryption and possible exfiltration, though the article does not confirm whether a ransom was paid or if sensitive customer/employee data was leaked. The attack’s disruption to core systems aligns with high-stakes cyber threats targeting enterprise continuity and financial stability.

On August 11, 2022, the Maine Office of the Attorney General reported a data breach involving Blume Global, Inc. The breach occurred between April 26 and April 27, 2022, and was discovered on June 21, 2022. The incident affected one Maine resident, with compromised data including the individual's Social Security number. Blume provided identity theft protection services, including 24 months of credit monitoring.