On January 17, BlackCat (aka ALPHV) added NextGen to their leak site. On January 19, DataBreaches sent an email inquiry to NextGen asking when they were attacked, whether files had been encrypted, and whether any employee data or patient data had been accessed or exfiltrated. NextGen responded promptly and then sent the following statement: NextGen…
Category: Malware
LAUSD says Vice Society ransomware gang stole contractors’ SSNs
Sergiu Gatlan reports: Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, says the Vice Society ransomware gang has stolen files containing contractors’ personal information, including Social Security Numbers (SSNs). LAUSD also revealed that the threat actors were active in its network for over two months, between July 31, 2022,…
Ransomware Revenue Falls by 40% as Majority of Victims Refuse to Pay
Abdul Karim Abdulwahab reports: The illegal revenue accruing to crypto criminals from ransomware exploits declined in 2022 as more victims refused to pay, according to recent data published by market intelligence firm, Chainalysis. The report noted that Ransomware attackers could only extort $456 million from victims in 2022 after stealing nearly twice that value in…
More data leaked from St. Rose Hospital ransomware incident
Since DataBreaches first reported that data from St. Rose Hospital had appeared on a popular hacking forum and appeared to be linked to the BianLian ransomware group, there have been some additional developments: St. Rose Notified the California Attorney General’s Office The notification, submitted to California on January 12, states that Hayward Sisters Hospital d/b/a…
Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner
Bill Toulas reports: Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill fast-food restaurant chains, has been targeted by a ransomware attack that forced the closure of 300 locations in the United Kingdom. Read more at BleepingComputer.
DNV Confirms Ransomware Attack Impacting 1,000 Ships
Mike Schuler reports: Classification society DNV is confirming that a recent ransomware cyber attack on its fleet management software has impacted around 1,000 ships. The cyber attack was discovered on the evening of Saturday, January 7, on its ShipManager fleet management and operations platform, forcing the class society to shut down the software’s IT servers. DNV now…