DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Maze Team updates its site, dumps more victims’ data

Posted on January 28, 2020 by Dissent

The Maze Team attackers continue to announce more of their ransomware victims that have not complied with their ransom demands, and they continue to dump data from those who do not pay them.

When I checked their site again today, I noticed that they had announced that they have dumped all their files on the City of Pensacola**, and they have also dumped all their files on Salumificio Fratelli Beretta, a cured meat provider.

But I also see other sites that have been added or updated, including Stockdale Radiology in California. Stockdale Radiology is one of the medical entities Maze Team had informed me about previously and had sent me a sample of patient files from. According to Maze Team’s site, the radiology center’s data were locked on January 17 of this year. The site lists two zipped archives of files as proof — but both links return 404 as of today’s date. There is no notice up on Stockdale Radiology’s site at this time about any attack or disruption in their services.

Medical Diagnostic Laboratories, LLC (MDL or MDLab) had already had some of their data dumped by Maze Team. They now appear to have had more of their files dumped. There is no announcement or notice on their website that might inform patients of any problem or data theft and there is no notice from the listed on HHS’s public breach tool at this time.

When I had asked Maze Team about their success rate in terms of victims paying them, they indicated that it was more than 50%, although of course, I have no way to verify that particular claim. But there are other medical entities that they claim they have attacked that have not appeared on their website yet, so I fear we are in for a lot of announcements and updates from them.

Lakeland Community College in Ohio also became a victim, it seems. Their data were reportedly locked on January 12 and 19 GB of data were allegedly downloaded. There is no notice on the college’s site as of today, and the proof file is not linked to a working file.

And while my focus tends to be on medical and educational facilities, let’s not forget that Maze Team is attacking all kinds of enterprises, including, it seems, Anheuser-Busch (ST. LOUIS, MO). Maze Team does not provide a lock date, but they added them to their site three weeks ago and they do provide sample files from the well-known beer brewery. The samples include some certified mail, a number of lease-related files, sales projections, and other files that include their 2019 incident response plan for any PCI-DSS incidents. UPDATE:  that victim is not Anheuser-Busch, but appears to be Busch’s Fresh Food Markets, a Michigan-based chain. DataBreaches.net apologizes to Anheuser-Busch for repeating Maze Team’s error.

They have also attacked a law firm in Oregon:  Hamilton and Naumes, LLC. That attack took place on January 16, and there are no proof files uploaded as of today’s date, but if they were able to get everything, then there may well be a lot of sensitive files as the firm’s areas of practice include family law, juvenile law, and criminal defense.

And as I did with covering thedarkoverlord, I will note that I understand why some journalists will not cover these attackers or other attackers using the same model for fear of encouraging them or for fear of helping to put pressure on the victim entities. I respect that decision by others while continuing to believe that I serve the public best by keeping it informed as to what is going on so that they can gauge risk for themselves and perhaps take more steps to prevent themselves from becoming victims.

**Although they claim to have dumped all the data, they noted:
“We are going to make a gift to City of Pensacola: we will not publish leaked private data, but we publish the list of leak data and hosts to proof, that we did it, we really hacked City of Pensacola.”


CORRECTION: Post-publication, it was pointed out to me that the Anheuser-Busch entry may really be for a grocery store. On further investigation, it appears that the attackers did mislabel their victim. The victim company appears to be Busch, Inc., Busch’s Fresh Food Market.

Related posts:

  • Maze Team continues its campaign of naming, shaming, and dumping victims’ data while other attackers adopt the same model
  • Stockdale Radiology’s notification may confuse readers
  • Two healthcare-related entities disappeared from Maze Team’s website …. why?
  • Late notification raises questions about a US Radiology Specialists breach last year
Category: Breach IncidentsBusiness SectorCommentaries and AnalysesEducation SectorHealth DataMalwareOf Note

Post navigation

← Breached Wawa Payment Card Records Reach Dark Web
Regis University paid ransom after cyberattack last fall →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.