Damien Bancal reports (translation follows): I revealed to you, last November 3, the announced piracy of the pharmaceutical laboratory Expanscience (Mustela…). A second cyberattack, in four months, posted by a group of ransomware operators. After Maze , Egregor explained that he had invited himself to the company’s IT. On November 9, I discovered that the Bailly Creat lab, a French pharmaceutical laboratory specializing…
Category: Malware
GA: JIA sends notices to those potentially affected by ransomware attack
Lauren McDonald reports: Jekyll Island Authority has sent notices to individuals whose data may have been compromised in a recent ransomware attack. The hackers could have had access to data affecting more than 7,000 individuals and companies who do business with the authority, according to a post on JIA’s website offering an update on the…
Compal, the second-largest laptop manufacturer in the world, hit by ransomware
Catalin Cimpanu reports: Compal, a Taiwanese electronics company that builds laptops for some of the world’s largest computer brands, suffered a ransomware attack over the weekend. Responsible for the breach is believed to be the DoppelPaymer ransomware gang, according to a screenshot of the ransom note shared by Compal employees with Yahoo Taiwan reporters. Read…
Ransomware hits e-commerce platform X-Cart
Catalin Cimpanu reports: E-commerce software vendor X-Cart suffered a ransomware attack at the end of October that brought down customer stores hosted on the company’s hosting platform. The incident is believed to have taken place after attackers exploited a vulnerability in a third-party software to gain access to X-Cart’s store hosting systems. Read more on ZDNet. h/t,…
Eight months after ransomware attack, Advanced Urgent Care of Florida Keys notifies patients
On March 14, DataBreaches.net reported that Advanced Urgent Care of the Florida Keys had been attacked, and patient data dumped. The data dump had been listed on a Russian-language forum known for data dumps, and the threat actor, then known as “m1x,” called the medical group “Malicious Defaulters” because they wouldn’t pay to prevent data…
Patients need to be notified sooner of ransomware dumps
In the past year, we have seen a significant increase in the use of dedicated leak sites where ransomware threat actors post the names of victims and dump some of their data to pressure them to pay demanded ransom. In the U.S., HIPAA gives covered entities no more than 60 days from discovery of a…