gang
-
Blog
Another ransomware gang says it breached IT giant Conduent
Ransomware gang SafePay today claimed responsibility for a January 2025 cyber attack against IT giant Conduent. Conduent suffered an outage at the time that it confirmed on January 22 was the result of a cyber security incident. The outage disrupted electronic money transfers and EBT payments made by its clients, which include half of Fortune 100 companies, for two days.…
Read More » -
Blog
Ransomware gang INC claims recent cyber attack on the City of McKinney, Texas
Ransomware gang INC added the City of McKinney, Texas, to its data leak site this weekend. This comes after the city issued a data breach notification following a cyber attack that started in October 2024. In its notification, the city states that it was: “the victim of an unknown third party gaining unauthorized access to the City network environment on…
Read More » -
Blog
Ransomware gang alleges theft of patient data from Michigan health system
Overnight, ransomware gang BianLian added Aspire Rural Health System to its data leak site, alleging to have stolen a variety of data. This includes patient records, financial information, and email correspondence. Aspire Rural Health System hasn’t confirmed a cyber attack but did note technical disruptions in early January which led to phones and systems being shut down for over 24…
Read More » -
Blog
Ransomware gang claims recent cyber attack on Harrison County Board of Education
West Virginia’s Harrison County Board of Education has been added to the data leak site of ransomware gang SafePay. It alleges to have stolen 26 GB of data. This comes after the Board of Education said it suffered a “cybersecurity incident” on January 18, 2025, which led to school closures. Its statement, issued on January 23, says: “On Saturday, January…
Read More » -
Blog
Ransomware gang says it breached patient health and payment data at Michigan clinic
Ransomware gang BianLian today claimed responsibility for a November 2024 data breach at St. Clair Orthopaedics and Sports Medicine, which operates a pair of clinics north of Detroit, Michigan. St. Clair notified an undisclosed number of patients that the following data was compromised in the breach: Health insurance data including health plans and policies, insurance companies, member and group ID…
Read More » -
Blog
Ransomware gang claims data breach at Philadelphia casino, SSNs and bank account info leaked
Ransomware gang Cicada3301 yesterday claimed responsibility for a November 2024 data breach at Rivers Casino Philadelphia. The casino sent data breach notices to victims at the end of December 2024 that stated names, Social Security numbers, and bank account info used for direct deposits were compromised. The casino has not publicly disclosed how many people it notified. Cicada3301 says it…
Read More » -
Blog
Mississippi electric utility notifies 21K customers of data breach claimed by ransomware gang
Mississippi electric utility Yazoo Valley Electric Power Association yesterday confirmed it notified 20,997 people of an August 2024 data breach. Ransomware gang Akira claimed responsibility for the attack, saying it stole Social Security numbers, internal corporate documents, and financial records. Yazoo Valley has not verified Akira’s claim and has not publicly disclosed what data was compromised. We do not yet…
Read More » -
Blog
Christmas cyber attack on Menominee Tribal Clinic claimed by ransomware gang INC
This morning, ransomware gang INC added Menominee Tribal Clinic of Wisconsin to its data leak site. This comes after the Clinic issued a statement on January 15, confirming it had suffered a cyber attack over Christmas. The Clinic had been experiencing system and telephone disruption from December 26. In its notification, the Menominee Tribal Clinic confirms that its servers were…
Read More » -
Blog
International AIDS Vaccine Initiative hacked by ransomware gang
Ransomware gang Inc has claimed responsibility for a December 2024 data breach at the International AIDS Vaccine Initiative (IAVI). IAVI began issuing data breach notices to victims on January 17, 2025. The organizations has not publicly disclosed how many people were impacted or what data was compromised. However, it is offering victims free identity theft protection, which implies data that…
Read More » -
Blog
Ransomware gang uses SSH tunnels for stealthy VMware ESXi access
Ransomware actors targeting ESXi bare metal hypervisors are leveraging SSH tunneling to persist on the system while remaining undetected. VMware ESXi appliances have a critical role in virtualized environments as they can run on a single physical server multiple virtual machines of an organization. They are largely unmonitored and have been a target for hackers looking to access corporate networks…
Read More »