November 26, 2024

Cybersecurity Incident: How hackers used official rules to target software company after failed blackmail attempts

In an unusual and funny development, a group of hackers reported its victim to a federal agency after failing to negotiate a ransom with it. The move by the group is seen as a way to pressure the company into paying ransom.
A financial software company called MeridianLink confirmed “a cybersecurity incident” in which the AlphV/BlackCat ransomware gang reportedly infiltrated the company's servers on November 7 and stole company data.
However, the company neglected to negotiate a ransom amount directly, which led the hackers, known for breaching entities such as MGM Resorts and Reddit, to file a report with the Securities and Exchange Commission (SEC) to increase the pressure.
The group also gave the company 24 hours to pay the ransom and threatened to leak the allegedly stolen data if the company failed to do so.
What the SEC rules say
According to the SEC's new rules, a company that has been hit by a cyber attack must disclose the breach to the agency within four business days. The hacking group reportedly informed the SEC that MeridianLink failed to disclose the attack.

However, the new rules requiring disclosure may not have been in effect yet. It was said that the four-day requirement will take effect 90 days after the date of publication in the Federal Register or on December 18.
But they appear to have been published on August 4, making that alleged effective date November 2, a report said.
What MeridianLink has to say
Meanwhile, MeridianLink said that it quickly worked to contain the threat and is working to determine if any consumer personal information was breached.
“Based on our investigation to date, we have identified no evidence of unauthorised access to our production platforms, and the incident has caused minimal business interruption,” the company said.


