Ransomware
-
Blog
New ransomware gang Warlock strikes government agencies worldwide
Warlock, a new ransomware gang, today claimed credit for a spate of cyber attacks that hit several government agencies from around the world. The group claimed responsibility for 16 cyber attacks in the past month, and about half those hit government agencies and departments. Four of the attacks have been acknowledged by the targeted organizations, three of which were government…
Read More » -
Blog
Critical Fortinet flaws now exploited in Qilin ransomware attacks
The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely. Qilin (also tracked as Phantom Mantis) surfaced in August 2022 as a Ransomware-as-a-Service (RaaS) operation under the “Agenda” name and has since claimed responsibility for over 310 victims on its dark web leak site. Its victim…
Read More » -
Blog
Tax resolution firm Optima Tax Relief hit by ransomware, data leaked
U.S. tax resolution firm Optima Tax Relief suffered a Chaos ransomware attack, with the threat actors now leaking data stolen from the company. Optima Tax Relief is a well-known U.S. tax resolution and settlement firm that helps individuals and businesses in addressing and fixing federal and state tax issues. The company claims to be the nation’s leading tax resolution firm,…
Read More » -
Blog
Kettering Health confirms Interlock ransomware behind cyberattack
Healthcare giant Kettering Health, which manages 14 medical centers in Ohio, confirmed that the Interlock ransomware group breached its network and stole data in a May cyberattack. Kettering Health operates over 120 outpatient facilities and employs over 15,000 people, including over 1,800 physicians. The healthcare network noted in a Thursday statement that its network devices have been secured, and its…
Read More » -
Blog
Sensata notifies victims of ransomware data breach that compromised SSNs, financial and medical info
Industrial tech maker Sensata yesterday confirmed it notified victims of an April 2025 data breach that compromised the following personal info: Names Social Security numbers Tax ID numbers Government-issued ID numbers Financial account info Payment card info Medical info Health insurance info Dates of birth Sensata has not publicly disclosed the total number of victims, but Maine’s attorney general reports…
Read More » -
Blog
Payne County, OK Sheriff confirms ransomware attack, tells residents to protect accounts
The Payne County Sherriff’s Office in Oklahoma this week confirmed it was hit by a ransomware attack last month. One June 3, 2025, the Sheriff’s Office announced that anyone who filed a report prior to May 15 should monitor their credit reports and bank accounts, issue fraud alerts, and change passwords. “The cyberattack has had no impact on the office’s…
Read More » -
Blog
Play ransomware breached 900 victims, including critical orgs
In an update to a joint advisory with CISA and the Australian Cyber Security Centre, the FBI said that the Play ransomware gang had breached roughly 900 organizations as of May 2025, three times the number of victims reported in October 2023. “Since June 2022, the Play (also known as Playcrypt) ransomware group has impacted a wide range of businesses…
Read More » -
Blog
Interlock adds Kettering Health to its ransomware data leak site – 941 GB allegedly stolen
This morning, ransomware gang Interlock has posted Kettering Health to its data leak site. It alleges to have stolen 941 GB of data, which includes 732,490 files across 20,418 folders and appears to contain ID cards, payment data, financial reports, and more. Kettering Health suffered a ransomware attack on May 20, 2025. The attack caused a system-wide outage affecting its…
Read More » -
Blog
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabs
A mysterious leaker going by the alias GangExposed has been revealing the identities of individuals linked to the Conti and Trickbot ransomware groups. The data includes aliases, photos, and videos of several group members and their front companies, along with thousands of chat logs, personal videos, and ransom negotiations with victims. The Register has spoken to the whistleblower via Signal,…
Read More » -
Blog
Ransomware roundup: May 2025 – Comparitech
By number of attacks claimed by ransomware groups, last month was the quietest month this year so far with 457 in total–down from 494 in April and about half February’s vast figure of 980. In May, we recorded 33 attacks that have been confirmed by the entity involved (e.g., through a data breach notification or press release) and a further…
Read More »