Interlock
-
Blog
Kettering Health confirms Interlock ransomware behind cyberattack
Healthcare giant Kettering Health, which manages 14 medical centers in Ohio, confirmed that the Interlock ransomware group breached its network and stole data in a May cyberattack. Kettering Health operates over 120 outpatient facilities and employs over 15,000 people, including over 1,800 physicians. The healthcare network noted in a Thursday statement that its network devices have been secured, and its…
Read More » -
Blog
Interlock adds Kettering Health to its ransomware data leak site – 941 GB allegedly stolen
This morning, ransomware gang Interlock has posted Kettering Health to its data leak site. It alleges to have stolen 941 GB of data, which includes 732,490 files across 20,418 folders and appears to contain ID cards, payment data, financial reports, and more. Kettering Health suffered a ransomware attack on May 20, 2025. The attack caused a system-wide outage affecting its…
Read More » -
Blog
Ransomware gang Interlock claims recent attack on West Lothian Council – 2.63 TB of data stolen
Ransomware gang Interlock has this morning added West Lothian Council to its data leak site. It alleges to have stolen 2.63 TB of data, which includes 3,349,196 files and 580,783 folders. The proof pack contains images of passports, driver’s licenses, and various other documents. The Scottish council confirmed it had been hit by a ransomware attack on May 6, with…
Read More » -
Blog
Ransomware gang Interlock claims attack on kidney dialysis company DaVita – 1.5 TB of data stolen
Today, ransomware gang Interlock has added kidney dialysis firm DaVita to its data leak site. It alleges to have stolen 1.5 TB of data, which includes 683,104 files and 75,836 folders. On April 14, DaVita reported that it had suffered a ransomware attack on April 12, and this was “affecting and encrypting certain on-premises systems.” The attack continues to disrupt…
Read More » -
Blog
Interlock ransomware gang pushes fake IT tools in ClickFix attacks
The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices. ClickFix is a social engineering tactic where victims are tricked into executing dangerous PowerShell commands on their systems to supposedly fix an error or verify themselves, resulting in the installation of malware. Though this isn’t the first time ClickFix…
Read More » -
Blog
Meet Interlock — The new ransomware targeting FreeBSD servers
Image: Midjourney A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers. Launched at the end of September 2024, Interlock has since claimed attacks on six organizations, publishing stolen data on their data leak site after a ransom was not paid. One of the victims is Wayne County,…
Read More »