November 26, 2022

Ragnar Locker ransomware gang claims to target Belgian municipality, hits police instead

On Wednesday 16th of November 2022, the Ragnar Locker ransomware gang released a posting on their TOR data leak site where they claimed to have stolen data from the municipality of Zwijndrecht. However, it was discovered that the stolen data was from Zwijndrecht police, a local police unit in Antwerp, Belgium. The leaked data reportedly exposed thousands of car number plates, […]
November 25, 2022

Cyber attack against Cincinnati State college claimed by Vice Society ransomware gang

Earlier this month, Cincinnati State college informed its 10,000 students and 1,000 staff members that they suffered a cyber attack where they warned that online services and restoration to regular operations will take time. The Vice Society ransomware operation has claimed responsibility for the cyberattack on Cincinnati State Technical and Community College. The threat actors have since posted an extensive […]
November 11, 2022

Black Basta ransomware gang believed to be responsible for a cyber attack against Sobeys

On Monday 7th of November 2022, Empire, the parent company of the Canadian food retail giant Sobeys revealed that Sobeys experienced a cyber attack which has impacted Sobeys’s IT systems. Sobeys has stated that it is working on resolving the issues affecting its IT systems to reduce store disruption.  “The Company’s grocery stores remain open to serve customers and are […]
November 3, 2022

Automotive giant, Continental hit by LockBit ransomware attack

On Wednesday 2nd of November 2022, the LockBit ransomware gang claimed responsibility for a cyberattack against the German multinational automotive group Continental in a data leak site where they threaten to publish some allegedly stolen data on their data leak site if the company doesn’t give in to their demands by Friday 4th of November 2022 at 15:45 UTC. Based […]
October 26, 2022

Medibank confirm that a ransomware group accessed all its customers’ personal data

On Wednesday 12th of October 2022, one of Australia’s largest private health insurance providers, Medibank Private Limited identified unusual activity which was discovered to be a precursor to a ransomware attack. In response, Medibank immediately took down parts of its IT systems to contain the threat and therefore disrupted its online services. “Our ongoing investigation has found the unusual activity […]
October 25, 2022

Hive ransomware group starts to leak data from a ransomware attack on Tata Power

On Tuesday 25th of October 2022, the Hive ransomware group claimed responsibility for a cyber attack that was disclosed on Friday 14th of October 2022 by a subsidiary of the multinational conglomerate Tata Group, Tata Power. They stated that they encrypted Tata Power’s data on Monday 3rd of October 2022. It is believed that the ransom negotiations failed as Hive […]
October 17, 2022

German newspaper stops circulation after a ransomware attack

On Friday 14th of October 2022, the german newspaper ‘Heilbronn Stimme’ experienced a ransomware attack that crippled its printing systems as well as phone and email services. On Saturday, the newspaper released an “emergency” six-page edition while all planned obituaries were posted on the website and today, they published a 28-page issue in an e-paper format. The Editor-in-chief Uwe Ralf […]
October 14, 2022

Dutch National Police trick DeadBolt ransomware out of 155 decryption keys

On Friday 14th of October 2022, the Dutch National Police, in collaboration with cybersecurity firm Responders.NU released a statement that revealed the collaboration was able to trick the DeadBolt ransomware group into handing over 155 decryption keys by faking ransom payments. “The police paid, received the decryption keys, and then withdrew the payments. These keys allow files such as treasured […]
October 14, 2022

Microsoft reveals new Prestige ransomware campaign against Ukraine and Poland

On Friday 14th of October 2022, Microsoft released an article where they stated that the new novel ransomware campaign, Prestige ransomware is being used to target transportation and logistics organizations in Ukraine and Poland in ongoing attacks. This ransomware campaign was first Tuesday 11th of October 2022 when a series of attacks were detected within an hour of each other. […]