Earlier today, ransomware group 8Base added The Tech Interactive to its data leak site, claiming to have stolen a ‘huge amount of confidential information’ as well as account documents, employment contracts, invoices, and more. It has given the science and technology museum seven days to pay the ransom (unspecified) before it publishes the alleged stolen data.
The Tech Interactive hasn’t confirmed the attack but did note ‘technical issues’ on its Facebook page on April 14. It stated that online tickets were unavailable at the time. No further updates have been posted but Comparitech has contacted The Tech Interactive for further details on this issue and the ransomware claims. We will update this post if we receive a response.
Who is 8Base?
8Base first appeared in 2022 but became particularly prolific from mid-2023 onward. Like many other ransomware groups it uses double-extortion (system encryption and data theft) to try and secure a payment from its victims.
According to data collated by Comparitech, 8Base is responsible for 20 confirmed attacks worldwide and 282 unconfirmed attacks over the last year. One of its biggest attacks was the Alberta Dental Service Corporation which affected 1.47 million records. But in more recent weeks it has claimed responsibility for attacks on the Atlantic States Marine Fisheries Commission, the United Nations Development Programme, and Speedy France.
About The Tech Interactive
Located in San Jose, California, The Tech Interactive is a science and technology center that provides hands-on activities and interactive exhibitions. It welcomes more than 250,000 visitors each year.