Ransomware
-
Blog
Ransomware gang gives Strafford County NH 5 days to pay ransom before 830 GB of data leaked
This morning, ransomware gang DragonForce uploaded Strafford County, NH, to its data leak site, giving the US government entity just five days to meet its ransom demands before 830.03 GB of data is leaked. Strafford County noted network disruptions in the middle of March 2025 before bringing 98% of its systems back online around 10 days later. Strafford County Commissioner…
Read More » -
Blog
Ransomware gang says it hacked a school district in Central Point, Oregon
Ransomware gang Interlock over the weekend took credit for a May 2025 cyber attack on Central Point School District 6 in Oregon. The district reported a cyber attack disrupted its systems on May 16, 2025, including absence notifications and gradebook updates. It restored systems by June 6, 2025. In a Facebook post, Superintendent Walt Davenport says the attack disrupted internet,…
Read More » -
Blog
Anubis ransomware adds wiper to destroy files beyond recovery
The Anubis ransomware-as-a-service (RaaS) operation has added to its file-encryptimg malware a wiper module that destroys targeted files, making recovery impossible even if the ransom is paid. Anubis (not to be confused with the same-name Android malware with a ransomware module) is a relatively new RaaS first observed in December 2024 but became more active at the beginning of the year. On February 23, the operators announced an…
Read More » -
Blog
New ransomware gang Warlock strikes government agencies worldwide
Warlock, a new ransomware gang, today claimed credit for a spate of cyber attacks that hit several government agencies from around the world. The group claimed responsibility for 16 cyber attacks in the past month, and about half those hit government agencies and departments. Four of the attacks have been acknowledged by the targeted organizations, three of which were government…
Read More » -
Blog
Critical Fortinet flaws now exploited in Qilin ransomware attacks
The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely. Qilin (also tracked as Phantom Mantis) surfaced in August 2022 as a Ransomware-as-a-Service (RaaS) operation under the “Agenda” name and has since claimed responsibility for over 310 victims on its dark web leak site. Its victim…
Read More » -
Blog
Tax resolution firm Optima Tax Relief hit by ransomware, data leaked
U.S. tax resolution firm Optima Tax Relief suffered a Chaos ransomware attack, with the threat actors now leaking data stolen from the company. Optima Tax Relief is a well-known U.S. tax resolution and settlement firm that helps individuals and businesses in addressing and fixing federal and state tax issues. The company claims to be the nation’s leading tax resolution firm,…
Read More » -
Blog
Kettering Health confirms Interlock ransomware behind cyberattack
Healthcare giant Kettering Health, which manages 14 medical centers in Ohio, confirmed that the Interlock ransomware group breached its network and stole data in a May cyberattack. Kettering Health operates over 120 outpatient facilities and employs over 15,000 people, including over 1,800 physicians. The healthcare network noted in a Thursday statement that its network devices have been secured, and its…
Read More » -
Blog
Sensata notifies victims of ransomware data breach that compromised SSNs, financial and medical info
Industrial tech maker Sensata yesterday confirmed it notified victims of an April 2025 data breach that compromised the following personal info: Names Social Security numbers Tax ID numbers Government-issued ID numbers Financial account info Payment card info Medical info Health insurance info Dates of birth Sensata has not publicly disclosed the total number of victims, but Maine’s attorney general reports…
Read More » -
Blog
Payne County, OK Sheriff confirms ransomware attack, tells residents to protect accounts
The Payne County Sherriff’s Office in Oklahoma this week confirmed it was hit by a ransomware attack last month. One June 3, 2025, the Sheriff’s Office announced that anyone who filed a report prior to May 15 should monitor their credit reports and bank accounts, issue fraud alerts, and change passwords. “The cyberattack has had no impact on the office’s…
Read More » -
Blog
Play ransomware breached 900 victims, including critical orgs
In an update to a joint advisory with CISA and the Australian Cyber Security Centre, the FBI said that the Play ransomware gang had breached roughly 900 organizations as of May 2025, three times the number of victims reported in October 2023. “Since June 2022, the Play (also known as Playcrypt) ransomware group has impacted a wide range of businesses…
Read More »