BlackFile Hacking Group Targets Retail and Hospitality Sectors with Vishing and Extortion Attacks

A financially motivated hacking group identified as BlackFile has been linked to a series of data theft and extortion attacks targeting retail and hospitality organizations since February 2026. The group employs vishing (voice phishing) tactics as part of its attack chain, though specific technical methods or tools were not detailed. No CVE IDs or exact victim counts were disclosed in the reported incidents. The primary impact involves unauthorized data access and extortion demands against affected entities. The campaign remains active with no additional geographic or sector-specific constraints mentioned beyond the targeted industries.