Ransomware

  • Blog

    Riverside Resort Hotel and Casino hit by ransomware attack, guest SSNs compromised

    Don Laughlin’s Riverside Resort Hotel and Casino in Nevada yesterday confirmed it notified an undisclosed number of people about a July 2024 data breach that compromised names and Social Security numbers, among other data. Ransomware group Lynx claimed responsibility for the attack on its leak site. Although the full figure hasn’t been disclosed, government breach reporting sites say 1,359 Texas…

    Read More »
  • Blog

    Ransomware gang claims it breached Canada’s Park’N Fly airport shuttle service, 1 million records compromised

    Ransomware group Ransomhub today claimed responsibility for a data breach at Park’N Fly, the parking and shuttle service for several Canadian airports. Park’N Fly on August 27, 2024 notified customers of a July data breach that compromised 1 million customers’ contact information, Aeroplan, and CAA number. The company says no financial or payment card information was accessed by attackers. The…

    Read More »
  • Blog

    VMware ESXi Servers Targeted by New Ransomware Variant

    A new double-extortion ransomware variant targets VMware ESXi servers, security researchers have found. The group behind it, named Cicada3301, has been promoting its ransomware-as-a-service operation since June. Once an attacker has initial access to a corporate network, they can copy and encrypt its private data using the Cicada3301 ransomware. They can then withhold the decryption key and threaten to expose…

    Read More »
  • Blog

    Linux version of new Cicada ransomware targets VMware ESXi servers

    Image: Midjourney A new ransomware-as-a-service (RaaS) operation is impersonating the legitimate Cicada 3301 organization and has already listed 19 victims on its extortion portal, as it quickly attacked companies worldwide. The new cybercrime operation is named after and uses the same logo as the mysterious 2012-2014 online/real-world game named Cicada 3301 that involved elaborate cryptographic puzzles. However, there’s no connection between…

    Read More »
  • Blog

    Researcher sued for sharing data stolen by ransomware with media

    The City of Columbus, Ohio, has filed a lawsuit against security researcher David Leroy Ross, aka Connor Goodwolf, accusing him of illegally downloading and disseminating data stolen from the City’s IT network and leaked by the Rhysida ransomware gang. Columbus, the capital and most populous (2,140,000) city in Ohio, suffered a ransomware attack on July 18, 2024, which caused various…

    Read More »
  • Blog

    RansomHub ransomware breached 210 victims since February

    ​Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion rather than encrypting victims’ files,…

    Read More »
  • Blog

    Halliburton cyberattack linked to RansomHub ransomware gang

    The RansomHub ransomware gang is behind the recent cyberattack on oil and gas services giant Halliburton, which disrupted the company’s IT systems and business operations. The attack caused widespread disruption, and BleepingComputer was told that customers couldn’t generate invoices or purchase orders because the required systems were down. Halliburton disclosed the attack last Friday in an SEC filing, stating they…

    Read More »
  • Blog

    Ransomware gang Brain Cipher adds the Réunion des Musées Nationaux to its data leak site – 300GB of data stolen

    This morning, ransomware gang Brain Cipher posted the Réunion des Musées Nationaux (RMN) to its data leak site, alleging to have stolen over 300GB of data. This follows RMN’s systems suffering a crippling attack during the Paris Olympics in early August 2024. Brain Cipher was rumored to be the gang behind the attack at the time. In its initial statement,…

    Read More »
  • Blog

    US Marshals Service disputes ransomware gang’s breach claims

    The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group’s leak site on Monday. “USMS is aware of the allegations and has evaluated the materials posted by individuals on the dark web, which do not appear to derive from any new or undisclosed…

    Read More »
  • Blog

    BlackSuit ransomware stole data of 950,000 from software vendor

    Young Consulting is sending data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024. Young Consulting (now Connexure) is an Atlanta-based software solutions provider specializing in the employer stop-loss marketplace, assisting insurance carriers, brokers, and third-party administrators in managing, marketing, underwriting, and administering stop-loss insurance policies. Yesterday, the firm started…

    Read More »
Back to top button
close