Two ransomware gangs had bad news in October, as their data leak sites were taken down. However, ransomware operators still caused havoc, with a new gang emerging and unlikely alliances forming between groups. Data leak sites taken down Ransomware gang Trigona was attacked by a group of hacktivists known as the Ukrainian Cyber Alliance (UCA). …
According to data from eCrime.ch, 462 organizations were listed on ransomware leak sites in September. This is up approximately 18% from August, which saw 390 organizations named and shamed on the dark web. The true number of successful ransomware attacks in both months is, however, likely much higher. That’s because organizations that are attacked but …
Ransomware gang 8Base declared yesterday in an X (formerly Twitter) post that “hospitals, non-profit organizations, social funds, and schools” were “NO LONGER of interest” to the criminal group. Instead, the gang claimed it would “leave NOTES with safety recommendations” if it accessed such organizations, presumably to help them beef up their cyber defenses. The gang’s …
According to data from eCrime.ch, 390 organizations were listed on ransomware leak sites in August. This is approximately an 18% decrease from July, which saw 478 organizations listed. The top five most targeted sectors in August were law (21), IT (18), construction (15), education (12), and government (11). 125 of the victim organizations, 32% of …
Educational organizations are often at the top of a cybercriminal’s list of potential targets. That’s because they hold a lot of valuable data but rarely have much budget for cybersecurity. Ransomware gangs, in particular, have been aggressively targeting the sector. In this post, I’ll dive into ransomware and the threat it poses to educational institutions, …
On Wednesday, ransomware gang Cl0p began leaking the data it stole from Pension Benefits Information (PBI). The stolen data contains personal information, including SSNs, of customers of insurance and pension companies that work with PBI. Cl0p’s publication of this data puts these customers at risk of identity theft. So far, California Public Employees’ Retirement System …
After adding a Massachusetts school district to their dark web leak site last Wednesday, the Royal ransomware gang appears to have had a change of heart. In a lengthy statement shared by security researcher Dominic Alvieri on Twitter, the gang claimed they were no longer planning to release the stolen data and had instead deleted …
According to security researcher Dominic Alvieri, notorious ransomware gang BlackCat allegedly breached an Alabama based mental health provider. Safe Not Scammed is not naming the facility so it can focus on securing its systems and protecting its patients. The breach BlackCat claims to have stolen “patient logs, patient mental illness records, SSNs, DLs, [and] Employees …
The fallout from ransomware gang Cl0p’s massive, worldwide attack continues to grow. Police departments, state and federal agencies, and numerous companies are among the known victims. Recap Cl0p stole data from hundreds of organizations by exploiting a vulnerability in popular file transfer software MOVEit at the end of May. The cybercriminals then told organizations to …
Yesterday, ransomware gang Cl0p began listing organizations affected by its exploit of file transfer software MOVEit. The gang used the exploit to steal data from potentially hundreds of companies around the world at the end of May. The gang had previously instructed affected companies to begin negotiations by June 14th to avoid being named and …
On Friday, the State of Illinois and the Minnesota Department of Education both revealed they were victims of the Cl0p ransomware gang. Cl0p exploited a vulnerability in file transfer software MOVEit at the end of May, breaching up to hundreds of organizations worldwide. Minnesota Department of Education The Minnesota Department of Education (MDE) reported that …
