Tag Archives: ransomware

The Hill reports: About 1.3 million people were affected by a data breach in Maine earlier this year, the state revealed Thursday. The breach was part of a massive cyberattack in May that exploited a vulnerability in the widely used MOVEit file-transfer system. Maine said the affected data included names, Social Security numbers, dates of birth, driver’s license or state …

Gizmodo reports: The National Rifle Association, defender of gun-loving maniacs everywhere, has confirmed that it did, in fact, get hacked by cybercriminals last year. On Friday, the organization’s political action committee (PAC) submitted a filing to the Federal Election Commission confirming the attack. The PAC made the filing to the FEC in an effort to explain a recent financial discrepancy. …

The Times Of Israel reports: Hackers believed to be linked to Iran demanded on Sunday a ransom payment of $1 million in digital currency to stop the online leak of personal information from an Israeli LGBT site. The Black Shadow hacking group said in a statement released through the Telegram messaging app that it was “looking for money” and would …

NBC News reports: A notorious Russian cybercriminal group has posted what appear to be National Rifle Association files to the dark web. The group, known as Grief, posted 13 files to its website Wednesday and claimed to have hacked the NRA. It is threatening to release more of the files if not paid, though it did not publicly state how …

Bloomberg News reports: A weekend cyberattack against Sinclair Broadcast Group Inc. was linked to one of the most infamous Russian cybergangs, called Evil Corp., according to two people familiar with the attack. The Sinclair hackers used malware called Macaw, a variant of ransomware known as WastedLocker. Both Macaw and WastedLocker were created by Evil Corp., according to the two people, …

Via press release from Sinclair Broadcast Group: On October 16, 2021, the Company identified and began to investigate and take steps to contain a potential security incident. On October 17, 2021, the Company identified that certain servers and workstations in its environment were encrypted with ransomware, and that certain office and operational networks were disrupted. Data also was taken from …

The Washington Post reports: President Biden told Russian President Vladimir Putin on Friday that the United States will take “any necessary action” after the latest massive ransomware attack, the White House said. Biden has been under pressure to counter and blunt the impact of the costly, increasingly brazen assaults by what the United States says are Russia-based hackers. The president …

Reuters reports: Between 800 and 1,500 businesses around the world have been affected by a ransomware attack centered on U.S. information technology firm Kaseya, its chief executive said on Monday. Fred Voccola, the Florida-based company’s CEO, said in an interview that it was hard to estimate the precise impact of Friday’s attack because those hit were mainly customers of Kaseya’s …

Reuters reports: Hackers suspected to be behind a mass extortion attack that affected hundreds of companies worldwide late on Sunday demanded $70 million to restore the data they are holding ransom, according to a posting on a dark web site. The demand was posted on a blog typically used by the REvil cybercrime gang, a Russia-linked group that is counted …

Reuters reports: The Swedish Coop grocery store chain closed all its 800 stores on Saturday after a ransomware attack on an American IT provider left it unable to operate its cash registers. Hundreds of American businesses were hit on Friday by an unusually sophisticated attack that hijacked widely used technology management software from a Miami-based supplier called Kaseya. According to …

NBC News reports: A successful ransomware attack on a single company has spread to at least 200 organizations, according to cybersecurity firm Huntress Labs, making it one of the single largest criminal ransomware sprees in history. The attack, first revealed Friday afternoon, is believed to be affiliated with the prolific ransomware gang REvil and perpetuated through Kaseya, an international company …

Reuters reports: Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company’s CEO said in a statement on Wednesday. The subsidiary of Brazilian firm JBS SA halted cattle slaughtering at all of its U.S. plants for a day last week in response to the cyberattack, which threatened …

The Hill reports: A tech vendor used by dozens of House offices on Capitol Hill for constituent outreach services has reportedly been hit by a ransomware attack, becoming the latest victim in a series of cyberattacks to target U.S.-based entities. Punchbowl News reported Tuesday that almost 60 House offices, from both parties, have not been able to retrieve constituent information …

ABC News reports: The Justice Department has recovered some of the millions in ransom paid by Colonial Pipeline shortly after the company was hacked, according to a warrant unsealed Monday. The Colonial Pipeline hack was carried out by Darkside actors, the FBI said in brief statement days after the attack. The company’s CEO said last month in an interview that …

From the web security site The Record: Live streams for radio and TV stations owned by the Cox Media Group, one of the largest media conglomerates in the US, have gone down earlier today in what multiple sources have described as a ransomware attack. The incident took place earlier this morning and impacted the internal networks and live streaming capabilities …

Reuters reports: The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters. Internal guidance sent on Thursday to U.S. attorney’s offices across the country said information about ransomware investigations in the field …

NPR reports: The Transportation Security Administration, in the wake of the ransomware attack on the Colonial Pipeline that caused widespread gasoline disruptions earlier this month, has announced new reporting requirements for pipeline operators. In a security directive, the TSA, which oversees pipeline cybersecurity, said it will now require that pipeline operators report any cyberattacks on their systems to the federal …

Bloomberg News reports: CNA Financial Corp., among the largest insurance companies in the U.S., paid $40 million in late March to regain control of its network after a ransomware attack, according to people with knowledge of the attack. The Chicago-based company paid the hackers about two weeks after a trove of company data was stolen, and CNA officials were locked …

The Wall Street Journal reports: Joseph Blount, CEO of Colonial Pipeline Co., told The Wall Street Journal that he authorized the ransom payment of $4.4 million because executives were unsure how badly the cyberattack had breached its systems or how long it would take to bring the pipeline back. “I know that’s a highly controversial decision,” Mr. Blount said in …

CNBC reports: Ireland’s health service shut down its computer systems on Friday after being hit with a “sophisticated” ransomware attack. The Irish Health Service Executive said there was a “significant ransomware attack” on its IT systems, without commenting further on specifics. Ireland’s vaccination program has not been affected and appointments will go ahead as planned, but the registration portal has …