Robert Pelaez has an update on the Manhasset School District ransomware incident that resulted in the dumping of numerous files on current and former employees and students on the dark web — many with personal and sensitive information. But what caught my eye in the update was this: Last month, district officials warned Manhasset students…
Category: Malware
Some Florida Heart Associates data appears on dark web after ransomware attack earlier this year
In July, this site noted a May, 2021 ransomware incident that significantly impacted Florida Heart Associates. In July, they notified HHS that 45,148 patients were impacted. Now this week, we learned that it was Pysa threat actors who had attacked them, and they have now dumped some of the data. Pysa’s dump is a little…
US seizes $6 million in ransom payments and expected to charge Ukrainian over major REvil cyberattack
Christina Carrega and Sean Lyngaas report: Law enforcement officials have seized an estimated $6 million in ransom payments, and the US Justice Department is expected to announce Monday that it has charged a suspect from Ukraine over a damaging July ransomware attack on an American company in a breakthrough for the Biden administration’s pursuit of cybercriminals, CNN…
Five Affiliates of Sodinokibi/REvil Have Been Arrested by Now
On 4 November, Romanian authorities arrested two individuals suspected of cyber-attacks deploying the Sodinokibi/REvil ransomware. They are allegedly responsible for 5,000 infections, which in total pocketed half a million euros in ransom payments. Since February 2021, law enforcement authorities have arrested three other affiliates of Sodinokibi/REvil and two suspects connected to GandCrab. These are some…
Update on impact of the Washington Central Unified Union School District ransomware attack
On October 28, this site noted a report that Washington Central Unified Union School District in Vermont had been the victim of an as-yet-unconfirmed ransomware attack. The district has now issued a notification that makes clear that personal and health information of students and personnel may have been accessed or acquired. Their announcement also indicates…
INTERPOL-led operation takes down prolific cybercrime ring
Interpol has released more details about theJune, 2021 takedown and arrest of people associated with CLOP and other groups. The following is today’s press release: SEOUL, Korea – A 30-month transcontinental investigation and operation has resulted in arrests and Red Notices for suspects believed to be behind a global malware crime network. Two Red Notices,…