Sandhills online machinery markets shut down by ransomware attack
By Lawrence Abrams
Published: 2021-10-02 · Archived: 2026-04-05 17:40:45 UTC
Industry publication giant Sandhills Global has suffered a ransomware attack, causing hosted websites to become
inaccessible and disrupting their business operations.
Sandhills Global is a US-based trade publication and hosting company catering to the transportation, agriculture, aircraft,
heavy machinery, and technology industries.
Sandhills publishes various printed and hosted trade publications containing industry news and a marketplace for dealers to
sell related new and used machinery.
https://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/
Page 1 of 4

https://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/
Page 2 of 4

Visit Advertiser websiteGO TO PAGE
Sandhills hit with a ransomware attack
Starting yesterday, the website for Sandhills Global and all of their hosted publications went offline, and their phones
stopped working.
When attempting to access websites hosted on Sandhills' platform, users are greeted with a Cloudflare Origin DNS error
page, indicating that Cloudflare is unable to connect to Sandhills' servers.
Numerous sources have told BleepingComputer that a Conti ransomware attack is behind these outages.
This attack reportedly took place in the early morning hours of Thursday, causing the company to shut down all of its IT
systems to prevent the attack's spread.
Some of the well-known publications operated by Sandhills that are no longer accessible include Truck Paper, TractorHouse,
AuctionTime, Machinery Trader, ForestryTrader, HiBid, RentalYard, Motorsports Universe, CraneTrader, MarketBook, RV
Universe, Oil Field Trader, Aircraft, LiveStockMarket, Controller, and Aircraft.com.
The Conti ransomware gang has been responsible for a wide range of attacks over the years, including high-profile attacks
against the JVCKenwood, the City of Tulsa, Ireland's Health Service Executive (HSE), and Advantech.
When conducting attacks, the Conti gang usually steals files before encrypting devices to use as extra leverage during their
extortion attempts. They then demand multi-million ransom demands to receive a decryptor and not leak stolen data.
It is unknown how much the Conti is demanding from Sandhills and whether they stole data during the attack.
BleepingComputer has contacted Sandhills with questions about the attack but has not received a response at this time.
While Sandhills Global has not responded to our emails, an email sent to customers and shared with BleepingComputer
confirm the ransomware attack. 
Sandhills Global is currently responding to a ransomware attack that impacted our operations.  Systems and
operations have been temporarily shut down to protect data and information, and we have retained cybersecurity
experts to assist us with the investigation, which is ongoing.  We are working actively and diligently with the
assistance of our retained experts to fully restore operations.  
At this time, we are continuing to investigate whether any of our client's information has been accessed or
impacted by this incident.  At this time, we have not discovered evidence that confirms that customer information
has been compromised.  Please know that our clients are our number one priority and we are working diligently to
restore operations and remediate the attack.  At this time, our ability to respond to your messages may be
delayed. We appreciate your patience and deeply regret any inconvenience this may cause.
We will provide updates regarding this matter and the status of our services as soon as possible.  
Update 10/3/21: Added statement sent to Sandhills customers
https://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/
Page 3 of 4

Automated Pentesting Covers Only 1 of 6 Surfaces.
Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the
other.
This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic
questions for any tool evaluation.
Source: https://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/
https://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/
Page 4 of 4