Cyber Tales: The Backup Blind Spot
When cybercriminals exploited an unpatched virtual machine, Parilti Labs lost critical data and paid a steep price. Discover how BOXX helped them recover—and the costly lesson they’ll never forget.

The Blind Spot
Places, industries, and names have been changed to preserve client privacy.
Parilti Labs had something special: a four-sister team, a clean-beauty mission, and three decades of credibility in Canada’s wellness space. With products in stores across the country and a loyal retail following, their reputation wasn’t just part of the business—it was the business.
But when cybercriminals quietly exploited a vulnerability in one of their virtual machine environments, everything was put at risk.
An Unexpected Entry Point
Hatice Demir, head of IT and the tech-minded middle sister, was known for being meticulous. She made sure backups existed in two places, ran regular system checks, and trained her team to be vigilant.
Hatice’s team never missed a Windows update on their physical machines—but they missed patching the virtual machine’s operating system. It’s a common blind spot that allowed hackers to quietly exploit the unpatched virtual machine.
Hatice’s team noticed strange activity and tried to contain the breach on their own—but the attackers proved stubborn and elusive.
Calling the Hackbusters
When it became clear her team was no match for the hackers, Hatice knew it was time to make the call. After three days of trying to contain the breach on their own, she gathered her sisters—CEO Derya, CFO Alara, and Master Data & Project Manager Aylin—to break the news.
“She walked in and said, ‘We’ve been hacked, and it’s bad,’” Aylin recalled. “We didn’t really get what that meant, but Hatice looked like she might throw up, so I knew it wasn’t good.”
“Insurance?” was all Alara and Derya could manage.
Hatice nodded and told them she’d already called BOXX. Help was on the way.
It didn’t exactly calm them.
“Honestly, we weren’t expecting much,” said Derya. “We figured we’d get a chatbot or be told someone would get back to us.”
Instead, they were connected directly to Jack Brooks, BOXX’s Virtual Chief Information Security Officer.
“That alone was a relief,” Derya said. “Jack got straight to the point. He calmly explained what likely happened, what needed to happen next, and how his team—the Hackbusters—would take it from there.”
“Jack was incredible,” Hatice added. “He never made me feel stupid—even though, let’s be honest, I kind of deserved it. He just focused on fixing it.”
“I didn’t even know what a Hackbuster was,” joked Aylin. “But it sounded badass, and I was just glad they were on our side.”
The Hackbusters got to work. They secured the network, kicked the attackers out, and started recovery.
Within 36 hours, they had 80% of Parilti’s operations back online.
But that last 20%—the data that hadn’t been backed up—was the piece that would hurt the most.
When Cutting Corners Cuts Deep
As the team reviewed what could be recovered, they uncovered a difficult truth:
“The criminals targeted all the servers. Unfortunately for Parilti, the one server they managed to access – the only one that hadn’t been backed up remotely – was the motherlode,” Jack explained.
To make matters worse, it hadn’t been missed. It had been intentionally excluded from the backup strategy.
Hatice, normally laser-focused on technical operations, made a rare call that crossed into budgeting territory. In an effort to prove she understood the financial pressures of running a family business, she’d tried to cut what seemed like a low-risk corner.
“I usually stay in my lane,” Hatice admitted. “But I thought, if I could show my sisters I could trim some fat without hurting anything, maybe Alara would loosen the purse strings for a few key hires on the dev side. I wanted to show that IT could be strategic—not just a cost centre.”
The server in question had been flagged as low-use, mostly historical. Hatice believed it held outdated files. She was wrong.
The files weren’t regularly accessed, but they were important. That server housed all Parilti’s Health Canada certifications and safety testing records. The cyber criminals had full control and demanded ransom.
“Criminals know that they don’t have to corrupt all of the protected or ‘immutable’ data—they go after the index, the keys, the map to all the valuable stuff. By scrambling these indexes, the rest of the data was useless. That’s what they did here,” Jack explained.
“To say this was bad news is an understatement,” he continued. “Governments don’t keep back-ups of this kind of data—it’s up to the manufacturer to prove their compliance with regulators. Without that proof, Parilti couldn’t legally sell or export their products. It was a disaster.”
Ransom, Paid
Though BOXX’s Hackbusters helped recover eight of the nine compromised servers, the attackers encrypted and deleted backups for the ninth. With no alternative, Parilti paid the ransom, with help from the Hackbusters, to regain access.
The cost? Over $1 million in direct losses—and more in delayed product launches and disrupted sales.
It wasn’t the outcome Jack wanted.
“Hatice’s team had been solid on Windows updates for physical machines—but they missed patching the virtual machine OS. It’s a common blind spot, and this time it cost them.”
“We never want to see a company in the position of paying ransom,” Jack said. “That’s always the last resort. What makes this especially tough is—it was avoidable. This data didn’t change often. Even something as simple as backing it up to a physical hard drive and locking it in a fire safe would’ve done the job. It sounds old-school, but sometimes the simplest solutions are the strongest.”
From Cleanup to Comeback
With BOXX’s help, the team re-architected their cyber strategy from the ground up. The Hackbusters conducted training, helped redesign backup protocols, and reconfigured Parilti’s infrastructure for resilience.
The Demir sisters didn’t shy away from the truth. They owned it—and adapted. It was a painful, expensive lesson, but Parilti products are back on shelves and the company’s back on track.
“What seemed like a small cost-saving move turned into a million-dollar mistake,” said Derya. “But BOXX didn’t just clean up the mess—they helped us rebuild smarter. And honestly, it was a wake-up call. As sisters and as business partners, we’ve got to communicate better. If we’d listened more closely to Hatice about what she needed, maybe she wouldn’t have felt the need to cut corners.”
“We’ve gone from reacting to preparing,” Hatice said. “This whole thing rewired how we think about risk. I’ll never call anything a ‘low priority’ server again. And just in case I forget, I wrote Jack’s words on the whiteboard in our boardroom—big letters, underlined twice.”
She grinned.
“It says: ‘All data must be segregated and separated from the live network. All technology can fail. Immutability doesn’t mean invincibility. If criminals can’t get to the vault, they’ll go after the map to the vault.’ —Jack Brooks.”
“Hard lesson. But I won’t be forgetting it.”