{
	"id": "cc255eb6-c3c7-4665-a477-22bc83ec173e",
	"created_at": "2026-04-06T00:17:29.373085Z",
	"updated_at": "2026-04-10T13:12:35.864071Z",
	"deleted_at": null,
	"sha1_hash": "33b3b0ad03fed3060090de015ec803e1198d3df2",
	"title": "DarkSide Ransomware hits North American real estate developer",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 3354242,
	"plain_text": "DarkSide Ransomware hits North American real estate developer\r\nBy Lawrence Abrams\r\nPublished: 2020-08-25 · Archived: 2026-04-05 13:30:24 UTC\r\nBrookfield Residential's Snowden Bridge\r\nNorth American land developer and home builder Brookfield Residential is one of the first victims of the new DarkSide\r\nRansomware.\r\nBrookfield Residential is a U.S. and Canada planned community and single-family home builder with $5.7 billion in assets. \r\nBrookfield Residential is owned by Brookfield Asset Management, a Canadian asset management company with over $500\r\nbillion in assets under their control.\r\nThe similar names have led to some confusion as to which entity was attacked by the DarkSide ransomware.\r\nhttps://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nBrookfield Residential is one of DarkSide's earliest victims\r\nDarkSide is an enterprise targeting ransomware that began operating around August 10th, 2020.\r\nLike other human-operated ransomware, DarkSide will breach a network and spread laterally between devices, while\r\nstealing unencrypted data.\r\nOnce they gain access to a Windows domain controller, the threat actors deploy the ransomware throughout the network.\r\nAs part of their extortion strategy, DarkSide will create an entry for each victim whose data has been stolen on their data\r\nleak site. After a certain amount of time has expired, the data leak site will begin publishing the stolen data so that anyone\r\nwith access to the site can download it.\r\nWhen the threat actors added Brookfield Residential to their data leak site, they listed their victim as Brookfield Asset\r\nManagement (brookfield.com).\r\nDarkSide data leak site\r\nDue to the similarity in names, DarkSide listed the wrong owner, and the actual victim is Brookfield Residential.\r\n“We recently identified a data security incident, which involved unauthorized access to a limited subset of files. We\r\nimmediately alerted appropriate authorities, restored affected systems, and implemented additional security measures,”\r\nBrookfield Residential told BleepingComputer.\r\nBleepingComputer was further told that Brookfield Residential is an independently operated company with an isolated\r\nnetwork from Brookfield Asset Management, who was unaffected.\r\nBrookfield Residential is reaching out to all individuals who were affected by this data breach. At this time, they believe it\r\nhas only affected their employees.\r\nWhile it is unknown how much DarkSide was demanding for a ransom, previous victims whose data was stolen had ransom\r\ndemands of $2 million.\r\nhttps://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/\r\nPage 3 of 4\n\nAs the stolen data for Brookfield Residential has been released on DarkSide's data leak site, it is highly unlikely that a\r\nransom was paid.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/\r\nhttps://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/"
	],
	"report_names": [
		"darkside-ransomware-hits-north-american-real-estate-developer"
	],
	"threat_actors": [],
	"ts_created_at": 1775434649,
	"ts_updated_at": 1775826755,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/33b3b0ad03fed3060090de015ec803e1198d3df2.pdf",
		"text": "https://archive.orkl.eu/33b3b0ad03fed3060090de015ec803e1198d3df2.txt",
		"img": "https://archive.orkl.eu/33b3b0ad03fed3060090de015ec803e1198d3df2.jpg"
	}
}