Rhysida Ransomware Targets US Architecture and Engineering Company ‘LaBella Associates’

• The Rhysida ransomware group claims to have breached the prominent LaBella Associates.
• The attackers value the allegedly stolen company data at approximately $2.82 million.
• While the exact scope of the breach has not yet been disclosed, the firm was offered one week to pay the ransom.

The Rhysida ransomware group has claimed responsibility for a significant cyber attack targeting LaBella Associates, a prominent architectural, engineering, and environmental design firm. 

The Rhysida ransomware group, known for targeting organizations across various industries, has reportedly gained unauthorized access to LaBella Associates’ systems. 

The attackers announced selling the “exclusive data” for 30 Bitcoin, equivalent to approximately $2.82 million, and set a ransom payment deadline for May 5, 2025. 

LaBella Associates, an established entity with over three decades of experience in Pre-K-12 design and planning, could face severe operational and reputational consequences if the issue remains unresolved.

The firm's expertise spans architecture, engineering, and environmental services, and boasts over 2,000 architects, engineers, planners, and construction managers in more than 40 offices.

While the exact scope of the breach has not yet been disclosed, ransomware attacks typically involve encrypting critical data and demanding a ransom in exchange for decryption keys. Failure to meet the deadline often results in sensitive company data being published or sold on the dark web.

Rhysida, a ransomware-as-a-service (RaaS) operation that surfaced in May 2023, has steadily escalated its attacks on critical sectors. Beyond healthcare, Rhysida attacked schools, local governments, police departments, and law firms.