DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Maze Team under the spotlight

Posted on May 12, 2020 by Dissent

Maze has seemingly done such a good job getting media attention that we’re also seeing more analyses of their methods.

This week, check out this report from FireEye:  Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents

and this report from Sophos: Maze ransomware: extorting victims for 1 year and counting

In other Maze-related news this week, the threat actors continue to add new victims to their website where they name victims who have not paid their ransom demands and where they dump data to increase pressure on victims.

Of note this week, Cognizant revealed in an earnings call that it is taking a financial hit to the tune of $50-70 million from Maze’s ransomware attack, even though the attack itself did not have a significant impact on their systems.

Also of note this week: a U.K. publication reports that Maze team has been found to be operating out of Georgia and that the threat actors are associated with the Kremlin and Russian security services.The publication does not provide any specific sources to support their reporting or even give the basis for the report, other than “it is understood” kind of thing.

Could Maze Team be Russian? Sure, and some of their data dumps reveal Russian screens. But if they are associated with the Kremlin or Russian security services, then can U.S. entities pay any ransom demands? If word that Maze Team is affiliated with the Kremlin spreads and cyberinsurers become aware of the report, will the insurance companies refuse to authorize payments under their insured’s insurance policies?

Suppose all the U.S. victims were to say, “Sorry, but our insurance won’t cover us for paying you, so…..”

Note that I don’t necessarily believe the U.K. publication’s reporting as they don’t provide any sourcing for it. But I’ll be watching to see if any sourcing or evidence is published.

 

 

 

Category: Commentaries and AnalysesMalwareOf Note

Post navigation

← Paying the Ransom Doubles Cost of Recovering from a Ransomware Attack, According to Sophos
Magellan Health notifies employees whose personal data were exfiltrated in a ransomware attack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Lower Merion School District says a data breach was caused by a computer glitch
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.