Ransomware
-
Blog
Freight forwarder Estes notifies data breach victims; ransomware gang takes credit
Freight company Estes Forwarding Worldwide yesterday confirmed it notified victims, including customers and employees, of a May 28, 2025 cyber attack. Ransomware gang Qilin took credit for the attack on June 23, 2025. To prove its claim, the cybercriminal group posted sample images of what it says are documents stolen from Estes. They include passport scans, driver’s licenses, and spreadsheets.…
Read More » -
Blog
Ransomware victims are getting better at haggling with hackers
Nearly half of companies paid a ransom to get their data back last year, according to new research, but they’re taking a hard line with hackers to strike fair deals. In its latest State of Ransomware report, Sophos said this was the second highest rate of ransom payments in six years. However, more than half (53%) paid less than the…
Read More » -
Blog
Ransomware gang says it hacked New England’s Covenant Health network
Ransomware gang Qilin today took credit for a May 2025 cyber attack against Covenant Health in Massachusetts. The health network says it shut down its network after a cyber attack caused connectivity issues starting on May 26, 2025. At least one hospital in the network says it diverted ambulances to other hospitals and moved services like medical imaging to other…
Read More » -
Blog
Ransomware gang says it hacked Dairy Farmers of America, demands payment in 3 days
Ransomware group Play yesterday took credit for last week’s cyber attack on Dairy Farmers of America. The DFA last week said a ransomware attack disrupted multiple dairy manufacturing plants in the USA’s largest dairy cooperative. Play said it stole confidential data including budget, payroll, accounting, taxes, and financial info from the DFA. Play gave the DFA three days to pay…
Read More » -
Blog
Revil ransomware members released after time served on carding charges
Four REvil ransomware members arrested in January 2022 were released by Russia on time served after they pleaded guilty to carding and malware distribution charges. As they confirmed, Andrey Bessonov, Mikhail Golovachuk, Roman Muromsky, and Dmitry Korotayev were involved in the Revil gang’s carding activities between October 2015 and January 2022, according to the Russian state-owned news agency TASS. All…
Read More » -
Blog
Ransomware gang says it stole confidential files from Taos County, NM; demands ransom in 7 days
Ransomware group Kairos today said it stole 1.94 TB of data from the Taos County, New Mexico local government. Kairos listed Taos County on its data leak site. To prove its claim, it posted a sample of documents that Kairos says it stole from the Taos County government. Some of the documents appear to be related to a child sexual…
Read More » -
Blog
Ransomware gang gives Strafford County NH 5 days to pay ransom before 830 GB of data leaked
This morning, ransomware gang DragonForce uploaded Strafford County, NH, to its data leak site, giving the US government entity just five days to meet its ransom demands before 830.03 GB of data is leaked. Strafford County noted network disruptions in the middle of March 2025 before bringing 98% of its systems back online around 10 days later. Strafford County Commissioner…
Read More » -
Blog
Ransomware gang says it hacked a school district in Central Point, Oregon
Ransomware gang Interlock over the weekend took credit for a May 2025 cyber attack on Central Point School District 6 in Oregon. The district reported a cyber attack disrupted its systems on May 16, 2025, including absence notifications and gradebook updates. It restored systems by June 6, 2025. In a Facebook post, Superintendent Walt Davenport says the attack disrupted internet,…
Read More » -
Blog
Anubis ransomware adds wiper to destroy files beyond recovery
The Anubis ransomware-as-a-service (RaaS) operation has added to its file-encryptimg malware a wiper module that destroys targeted files, making recovery impossible even if the ransom is paid. Anubis (not to be confused with the same-name Android malware with a ransomware module) is a relatively new RaaS first observed in December 2024 but became more active at the beginning of the year. On February 23, the operators announced an…
Read More » -
Blog
New ransomware gang Warlock strikes government agencies worldwide
Warlock, a new ransomware gang, today claimed credit for a spate of cyber attacks that hit several government agencies from around the world. The group claimed responsibility for 16 cyber attacks in the past month, and about half those hit government agencies and departments. Four of the attacks have been acknowledged by the targeted organizations, three of which were government…
Read More »