April 7, 2023

MSI confirms network breach following ransomware attack claims by the Money Message ransomware group

On Friday 7th of April 2023, Micro-Star International (MSI) a Taiwanese PC vendor confirmed that its network was breached in a cyberattack. This confirmation came following claims by the Money Message ransomware gang who has claimed to have breached some of MSI’s systems and had stolen files that they are threatening to leak next week if the company refuses to pay […]
April 6, 2023

Medusa Ransomware group claim attack on Open University of Cyprus

Last week, the Open University of Cyprus (OUC) released an announcement about a cyberattack that had occurred on Monday the 27th of March, that resulted in several central services and critical systems going offline. Following the announcement, the Medusa ransomware group released a posting on its data leak site listing the Open University of Cyprus as a victim. The group has […]
March 23, 2023

The City of Toronto confirm unauthorized access following Clop’s claims

This week has seen the City of Toronto added to Clop’s TOR data leak site following the ongoing GoAnywhere attack spree. The City of Toronto has claimed that they became aware of potential unauthorized access to City data On Monday 20th of March 2023. However, the City of Toronto has confirmed that unauthorized access to City data did occur through […]
March 21, 2023

Saks Fifth Avenue confirms cyber security incident concerning Clop ransomware gang’s claims

On Monday 20th of March 2023, the Clop ransomware gang claimed to have attacked Saks Fifth Avenue on its dark web leak site. It is believed that the incident is a part of the gang’s ongoing attacks against vulnerable GoAnywhere MFT servers using the CVE-2023-0669 vulnerability. Since the post was released, sources have contacted Saks and a spokesperson confirmed the […]
March 17, 2023

Hitachi Energy confirms data breach after CL0P’s wave of GoAnywhere attacks

On Friday 17th of March 2023, Hitachi Energy, a department of Japanese engineering and technology giant Hitachi confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day vulnerability (CVE-2023-0669) in the Fortra GoAnywhere MFT (Managed File Transfer), that was first disclosed on February 2023. “We recently learned that a third-party software provider called FORTRA […]
February 10, 2023

The City of Oakland confirms systems are offline after a ransomware attack

On Wednesday 8th of February 2023, the local government of the City of Oakland was hit by a ransomware attack that resulted in them having to take all systems offline until the network is secured and affected services are brought back online. Even though they had to take all systems offline, the city has confirmed that the attack has not […]
January 3, 2023

Rail giant Wabtec discloses data breach following LockBit ransomware attack

On Friday 30th of December 2022, U.S. rail and locomotive company, Wabtec Corporation disclosed a data breach that exposed personal and sensitive information. The announcement revealed that the threat actors were able to breach their network and installed malware on specific systems as early as Tuesday 15th of March 2022. The announcement explained that on Sunday 26th of June 2022, […]
January 1, 2023

LockBit apologises with free decryptor after cyber attack against SickKids hospital

On Sunday 18th of December 2022, a teaching and research hospital in Toronto that focuses on providing healthcare to sick children, SickKids experienced a ransomware attack that impacted internal and corporate systems, hospital phone lines, and the website. The incident led to delays in receiving lab and imaging results and resulted in longer patient wait times. It was then revealed […]
November 28, 2022

Disruption to Intrado telecom provider claimed by Royal ransomware gang

On Tuesday 27th of December 2022, the Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado. At this current time, Intrado is yet to share any information regarding this incident. However, it is believed that the attack started on Thursday 1st of December 2022. The date of the initial breach coincides with a widespread outage that […]