January 04, 2023 TLP:CLEAR Report: 202301041300 Executive Summary Clop operates under the Ransomware-as-service (RaaS) model, and it was first observed in 2019. Clop was a highly used ransomware in the market and typically targeted organizations with a revenue of $5 million U.S. Dollars (USD) or higher. Since its appearance, HC3 is aware of attacks on…
Category: Malware
Bits ‘n Pieces (Trozos y Piezas)
MX: BlackCat claims attack on Grupo Estrategas EMM ALPHV, aka BlackCat, claims to have attacked Grupo Estrategas EMM, but the ransomware group has not as yet uploaded any proof of claims. Nor has the insurance firm posted any notice on its website or social media indicating any incident. The insurer has not responded to an…
UK: Schools hit by cyber attack and documents leaked
Jonathan Holmes reports: Highly confidential documents from 14 schools have been leaked online by hackers, the BBC can reveal. One of those was Pates Grammar School in Gloucestershire, targeted by a hacking group called Vice Society. The documents, seen by the BBC, include children’s SEN information, child passport scans, staff pay scales and contract details,…
AU: VIC fire service employees’ hacked details not on dark web. Update: Yet?
Rachel Ward reports: Victoria’s fire service has reassured employees their personal details have not been posted to the dark web after the organisation was hit by a cyber attack. Fire Rescue Victoria’s IT systems, including dispatch, phones and email, were affected when online criminals hacked the service in December. Read more at Kalgoorlie Miner. Update…
PA: Maternal & Family Health Services reveals ransomware incident
Maternal & Family Health Services (“MFHS”) in Pennsylvania has issued a press release about what they describe as a “sophisticated ransomware incident.” At this point, given so many ransomware attacks over the past few years, DataBreaches has no idea what would be considered “sophisticated.” In any event, MFHS began notifying potentially affected individuals, including certain…
Romanian hospital victim of ransomware attack
Radu Dumitrescu reports: The Saint Gheorghe Recovery Hospital in Botoşani, in northeastern Romania, was the target of a ransomware attack in December, and medical activity is still impacted. Hackers demanded 3 Bitcoin for the decryption of the data on the servers. The attack is similar to the one in the summer of 2019, when four…