{
	"id": "df41a688-f552-4435-bb49-5c11f9eac49e",
	"created_at": "2026-04-09T02:24:16.108166Z",
	"updated_at": "2026-04-10T03:29:39.870389Z",
	"deleted_at": null,
	"sha1_hash": "e491dfa958fb8ebf437a1ce367e98d624a9371a7",
	"title": "AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2) - DataBreaches.Net",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 264386,
	"plain_text": "AlphV files an SEC complaint against MeridianLink for not\r\ndisclosing a breach to the SEC (2) - DataBreaches.Net\r\nPublished: 2023-11-15 · Archived: 2026-04-09 02:10:55 UTC\r\nEarlier today, AlphV added MeridianLink to their leak site. MeridianLink (MLNK) is the provider of a loan\r\norigination system and digital lending platform for financial institutions. AlphV’s listing has been temporarily\r\nremoved to be updated, but DataBreaches has learned some additional details from someone involved in the\r\nattack.\r\nThe attack was last Tuesday, November 7. According to AlphV, they did not encrypt any files, but did exfiltrate\r\nfiles. MeridianLink was aware of it the day it happened. According to AlphV, no security upgrades were made\r\nfollowing the discovery, but “once we added them to the blog, they have patched the way used to get in,” \r\nDataBreaches was told.\r\nDataBreaches asked AlphV whether MeridianLink had contacted them at all or responded to them at all, and was\r\ntold that someone from MeridianLink had reached out to AlphV at some point, but there has been no interaction\r\nbetween the attackers and the firm. When asked why not, the threat actor explained, “it says they are offline.”\r\nIn what may be a first, however, AlphV has seemingly reported its victim to the SEC. A copy of the submission\r\nwas shared with DataBreaches:\r\nhttps://www.databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec/\r\nPage 1 of 2\n\nAlphV reported MeridianLink to the SEC for alleged failure to timely file. Image: Provided.\r\nDataBreaches.net.\r\nAlphV wrote: “We want to bring to your attention a concerning issue regarding MeridianLink’s\r\ncompliance with the recently adopted cybersecurity incident disclosure rules.\r\nIt has come to our attention that MeridianLink, in light of a significant breach compromising customer\r\ndata and operational information, has failed to file the requisite disclosure under Item 1.05 of Form 8-\r\nK within the stipulated four business days, as mandated by the new SEC rules.\r\nThe automated receipt for the complaint submission. Image: Provided. DataBreaches.net\r\nMeridianLink’s data security information can be found on its website. DataBreaches sent an inquiry to\r\nMeridianLink asking them about the alleged incident and their incident response. They replied promptly with the\r\nfollowing statement:\r\nSafeguarding our customers’ and partners’ information is something we take seriously. MeridianLink\r\nrecently identified a cybersecurity incident that took place on Nov 10. Upon discovery on the same day,\r\nwe acted immediately to contain the threat and engaged a team of third-party experts to investigate the\r\nincident. Based on our investigation to date, we have identified no evidence of unauthorized access to\r\nour production platforms, and the incident has caused minimal business interruption.\r\nWe have no further details to offer currently, as our investigation is ongoing.\r\nUpdate 1: This post was updated post-publication to include MeridianLink’s statement.\r\nUpdate 2: In response to a question DataBreaches received:  We are not lawyers, but we believe that new SEC\r\nreporting rule doesn’t go into effect until December 15. If any legal authority thinks it is already in effect, please\r\nlet us know. \r\nImage by wayhomestudio on Freepik.\r\nSource: https://www.databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec/\r\nhttps://www.databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec/"
	],
	"report_names": [
		"alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec"
	],
	"threat_actors": [
		{
			"id": "6e23ce43-e1ab-46e3-9f80-76fccf77682b",
			"created_at": "2022-10-25T16:07:23.303713Z",
			"updated_at": "2026-04-10T02:00:04.530417Z",
			"deleted_at": null,
			"main_name": "ALPHV",
			"aliases": [
				"ALPHV",
				"ALPHVM",
				"Ambitious Scorpius",
				"BlackCat Gang",
				"UNC4466"
			],
			"source_name": "ETDA:ALPHV",
			"tools": [
				"ALPHV",
				"ALPHVM",
				"BlackCat",
				"GO Simple Tunnel",
				"GOST",
				"Impacket",
				"LaZagne",
				"MEGAsync",
				"Mimikatz",
				"Munchkin",
				"Noberus",
				"PsExec",
				"Remcom",
				"RemoteCommandExecution",
				"WebBrowserPassView"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775701456,
	"ts_updated_at": 1775791779,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/e491dfa958fb8ebf437a1ce367e98d624a9371a7.pdf",
		"text": "https://archive.orkl.eu/e491dfa958fb8ebf437a1ce367e98d624a9371a7.txt",
		"img": "https://archive.orkl.eu/e491dfa958fb8ebf437a1ce367e98d624a9371a7.jpg"
	}
}