ES: Stormous claims attack on Zurcal
The Zurcal group, which belongs to the energy saving and efficiency sector, has been named by Stormous Ransomware in its Telegram channel. The attack was posted on February 24 with images showing invoices and plans. Stormous gave the victim one week to respond.
In a subsequent post, Stormous added more proof and images, including one NIF (tax identification number).
Zurcal has not posted any notice on its site or social media and has not replied to inquiries by DataBreaches.
BR: Ragnar_Locker indignantly responds to a victim’s claim of no data leakage
“AASP claim there was no data leakage!” Ragnar_Locker posted on February 22.
AASP is the Associação de Advogados de São Paulo, an association of São Paulo lawyers. The association’s Twitter account had acknowledged an incident in a January 27 tweet, but denied any data exfiltration, a denial that they reiterated subsequently, claiming (translation): “We reiterate that no type of leakage of personal or institutional data has been detected,” and “We have full backup and it is important to highlight that personal and institutional information is encrypted, preventing data leakage.” (January 30 tweet).
In response, the threat actors posted proof, including some items with personal information.
AASP did not respond to inquiries by DataBreaches and posted nothing further about the attack.
[Update: Shortly after publication, Ragnar_Locker posted an update to their leak site. They uploaded 200 GB of files from AASP plus numerous screenshots with personal information.]
CO: Hackers attack Fasecolda
La Federación de Aseguradores Colombianos (Fasecolda) is an association for Colombian insurers. Fasecolda was reportedly the target of hackers, but the attack was detected and staff disconnected systems with information on automobiles and Compulsory Traffic Accident Insurance (Soat).
API reported that the containment schemes were effective in stopping the attack. Fasecolda has not issued any updates since February 28.
MX: Investigation into cyberattack of Rosarito continues
On February 17, Rosarito’s city council experienced a cyberattack that resulted in hundreds of servers being infected. Citizens were affected because the attack made it impossible for them to pay property taxes and other municipal service fees for several days.
The attack was reported to the State Attorney General’s office on February 24, and the municipality is still investigating this incident.
No group has claimed responsibility for the attack and there has been no mention of any ransom demands.
Edited by Dissent.