Incidents involving malware or ransomware. In some cases, incidents called “ransomware” do not involve any locking but merely hack, exfiltrate, and attempt to extort.
The Record reports: Ransomware hackers stole the Social Security numbers and health insurance information for more than 740,000 people during an attack on a prominent Michigan hospital network. McLaren Health Care filed documents on Friday concerning a ransomware attack that took place in August 2024 — the second cyber incident to impact the healthcare giant in 12 months. The […]
SecurityWeek reports that heartless criminals targeted Krispy Kreme donuts last year: Donut and coffee retail chain Krispy Kreme has confirmed that the ransomware attack that came to light in late 2024 resulted in a data breach. Krispy Kreme revealed being hit by a cyberattack on December 11, saying that the incident had led to operational disruptions. Roughly […]
KTAB/KRBC reports: The Abilene City Council has unanimously approved nearly $1 million in funding to bolster cybersecurity efforts and restore systems after a recent cyberattack knocked out several city servers. Director of Information Technology Troy Swanson addressed the council Thursday, outlining the costs and detailing the recovery process. He said the investment is aimed at […]
YES24 is a South Korean booking and entertainment ticketing service. A ransomware attack on June 9 had impact on its services, as Chosun.Biz reports: Access to the website was completely halted, along with order histories and shipping. As a result, the entertainment industry also faced repercussions, with B.I postponing his fan meeting’s pre-sale schedule, and […]
The Record reports: Ransomware gangs have been exploiting a vulnerability in remote device control software SimpleHelp during a recent string of attacks, according to federal cybersecurity officials. The Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday that CVE-2024-57727 — a vulnerability affecting SimpleHelp’s widely-used remote access tools — was exploited to “compromise customers of […]
BankInfoSecurity reports: A data-leak extortion group is shaking down the government of Paraguay for a ransom payment worth $7.4 million, or $1 for every one of the country’s citizens. The group, calling itself Brigada Cyber PMC, claimed in a Sunday post to its dark web leak site that it stole personally identifiable information on citizens […]
HIPAA Journal reports: Kettering Health is continuing to make progress in recovering from its May 20, 2025, ransomware attack. While its EHR has been restored, other IT systems remain offline, with disruption continuing at its Ohio medical centers and outpatient facilities. Earlier this week, Kettering Health issued an update confirming that a small subset of […]
Ransomware gangs will swear not to reveal that you were a victim if you pay their ransom demands. SBut if they fail to secure their negotiation chat servers, researchers and intel analysts can discover who their victims are and shoulder-surf any negotiations or payment arrangements. The SuspectFile blog reports on another case like that where […]
The Register reports that a mystery whistleblower calling himself “GangExposed” has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names. The leaks include thousands of chat logs, personal videos, and ransom negotiations tied to some of the most notorious cyber-extortion gangs —believed to have raked […]
The Record reports: Australia became on Friday the first country in the world to require victims of ransomware attacks to declare to the government any extortion payments made on their behalf to cybercriminals. The law, initially proposed last year, only applies to organizations with an annual turnover greater than AUS $3 million ($1.93 million) alongside a smaller […]
