CR: Ministry of Public Works and Transportation Hit by Ransomware
Costa Rica’s Ministry of Public Works and Transportation (MOPT) has been the target of a ransomware attack by as yet unidentified individuals. The attack was reported by the Ministry of Science, Innovation, Technology and Telecommunications (MICITT) (machine translation):
Since early hours of this Tuesday, the Computer Incident Center Team (CSIRT-CR) of the Ministry of Science, Innovation, Technology and Telecommunications (MICITT), issued an alert of an incident in the digital platforms of the Ministry of Public Works and Transport (MOPT).
[…]
It is important to inform that the incident is currently contained. However, 12 encrypted servers were found.
As part of the cybersecurity protocol, the computer systems are temporarily out of service. At the moment, no critical services have been affected, and protocols have been activated so that the MOPT can continue to perform its functions and minimize any impact to the user.
As soon as we have more details of the situation, we will inform you in due time.
Since then, the government has posted updates about services and the Judicial Power of Costa Rica announced that it has been disconnected from the Road Safety Council. It has also quarantined all emails from MOPT.
Costa Rica suffered previous and significant ransomware attacks in 2022 — first by Conti, whose attack resulted in the government declaring a state of emergency, and then by Hive, who hit the country’s public health service.
There is no indication at this time that the current incident is connected to either of the earlier incidents.
BR: Politriz added by LockBit
Politriz, which sells cleaning, care and scented cleaning products, has been added to the LockBit3.0 leak page. No proof pack or samples have been provided, however, to support the claimed attack, and there is nothing on the Politriz website or social media about any incident. DataBreaches sent inquiries to the firm via its Facebook account, but the message does not appear to have been received by them yet.
At this point, then, the claimed attack is not confirmed.
CO: Alkomprar Technology Exposed Customer Data
AlKomprar Technology exposed data of approximately 15,000 customers. The data included ID numbers, contracts, and photographs of the clients who applied for loans to purchase equipment from the firm’s warehouse.
The exposed data were discovered by a researcher who contacted the firm to alert them to the leak.
According to Infobae, AlKomprar issued a statement saying:
“From the moment the notification was received, the company carried out the respective analysis of the situation and took the necessary corrective measures. To date, the information and data are secure and are not of a public nature”.
Editing and additonal material by Dissent