Summary

A new hacking group known as BlackFile has emerged, targeting retail and hospitality sectors with data theft and extortion attacks. These attacks have been ongoing since February 2026.

Key Points

• BlackFile is a financially motivated hacking group.
• The group has been active since February 2026.
• Targets include organizations in the retail and hospitality industries.
• The attacks involve data theft and extortion.
• The group uses vishing (voice phishing) as a primary attack vector.

Analysis

The emergence of BlackFile highlights the evolving threat landscape, where extortion and data theft are increasingly targeting specific industries like retail and hospitality. The use of vishing indicates a sophisticated approach to social engineering, exploiting human vulnerabilities to gain access to sensitive information.

Conclusion

IT professionals in the retail and hospitality sectors should enhance their security awareness programs, focusing on social engineering threats like vishing. Implementing robust incident response plans and regular security training can mitigate the risks posed by such targeted attacks.