Bits ‘n Pieces (Trozos y Piezas)

Dominican Republic: The Instituto Agrario Dominicano (IAD)

The IAD was reportedly hit by Quantum ransomware. According to local media reporting, the attack occurred on August 18.

“They ask for more than 600 thousand dollars. We were affected by four physical servers and eight virtual servers; virtually all servers,” IAD Director of Technology Walixson Amaury Nuñez told local media.

The IAD has told local media that they only had basic security software on their systems such as antivirus, and lack a dedicated security department.

Bolivia: Database of Bolivian Postal Service Offered for Sale

A seller with a good reputation on a popular hacking forum has listed data from correos.gob.bo, the Bolivian postal agency. The seller, who provided a sample of data, claims to have 3 sql files, totaling 1.47 GB of data. The breach appears to be from 2022.

DataBreaches sent an email to CGII (Centro de Gestion de Incidentes Informaticos de Bolivia) to alert them to the sales notice so that they could contact correos.gob.bo to investigate the listing to see if the data for sale are real. DataBreaches did not contact the postal agency directly because their site has been inactive for months. There has been no reply from CGII by publication.

Portugal: TAP Air Portugal Victim of Cyberattack

TAP has posted a notice on its website today about instability of the site due to a cyberattack. No details of the attack were provided, but TAP notes that the attack was now blocked.

Notice was also provided on their Twitter account:

TAP was the target of a cyber-attack, now blocked. Operational integrity is guaranteed. No facts have been found that allow us to conclude that there has been improper access to customer data. The website and app still have some instability. Thank you for your understanding. pic.twitter.com/zQASbpNtXx

— TAP Air Portugal (@tapairportugal) August 26, 2022

As of now, TAP claims to have no evidence of unauthorized access to customer data.

UPDATED Aug. 31: Ragnar Locker has publicly claimed responsibility for the attack and disputes TAP’s claims.

*“Huge drama for Tap Air Portugal,” Ragnar Locker claims .*

In a statement on their leak site, Ragnar Locker claims to have huge amounts of irrefutable evidence of compromised data:

*Ragnar Locker indicates that it will be providing evidence that TAP has been inaccurate in claiming that there was no evidence of data compromise.*

Editing by Dissent