Brookfield Residential Snowden Village
Brookfield Residential's Snowden Bridge

North American land developer and home builder Brookfield Residential is one of the first victims of the new DarkSide Ransomware.

Brookfield Residential is a U.S. and Canada planned community and single-family home builder with $5.7 billion in assets. 

Brookfield Residential is owned by Brookfield Asset Management, a Canadian asset management company with over $500 billion in assets under their control.

The similar names have led to some confusion as to which entity was attacked by the DarkSide ransomware.

Brookfield Residential is one of DarkSide's earliest victims

DarkSide is an enterprise targeting ransomware that began operating around August 10th, 2020.

Like other human-operated ransomware, DarkSide will breach a network and spread laterally between devices, while stealing unencrypted data.

Once they gain access to a Windows domain controller, the threat actors deploy the ransomware throughout the network.

As part of their extortion strategy, DarkSide will create an entry for each victim whose data has been stolen on their data leak site. After a certain amount of time has expired, the data leak site will begin publishing the stolen data so that anyone with access to the site can download it.

When the threat actors added Brookfield Residential to their data leak site, they listed their victim as Brookfield Asset Management (brookfield.com).

DarkSide data leak site
DarkSide data leak site

Due to the similarity in names, DarkSide listed the wrong owner, and the actual victim is Brookfield Residential.

“We recently identified a data security incident, which involved unauthorized access to a limited subset of files. We immediately alerted appropriate authorities, restored affected systems, and implemented additional security measures,” Brookfield Residential told BleepingComputer.

BleepingComputer was further told that Brookfield Residential is an independently operated company with an isolated network from Brookfield Asset Management, who was unaffected.

Brookfield Residential is reaching out to all individuals who were affected by this data breach. At this time, they believe it has only affected their employees.

While it is unknown how much DarkSide was demanding for a ransom, previous victims whose data was stolen had ransom demands of $2 million.

As the stolen data for Brookfield Residential has been released on DarkSide's data leak site, it is highly unlikely that a ransom was paid.

Related Articles:

New RustDoor macOS malware impersonates Visual Studio update

Ransomware payments drop to record low as victims refuse to pay

Kasseika ransomware uses antivirus driver to kill other antiviruses

Majorca city Calvià extorted for $11M in ransomware attack

BlackCat ransomware shuts down in exit scam, blames the "feds"