Peter Medlin has an update on the Pysa (mespinoza) ransomware attack on Illinois Valley Community College that was first disclosed in April. The college had not paid the ransom demand, and has continued to work to recover from the attack. Medlin notes: In the months since the ransomware incident, IVCC has had to rebuild and…
Category: Malware
Interim Report on Blackbaud Breach: 5.6 million patients and counting…
Since our first interim report, DataBreaches.net has continued to compile reports that mention patient information that was disclosed to Blackbaud and that may have been accessed or exfiltrated by ransomware threat actors in the data breach discovered in May. Despite the criminals pinky-swearing that they wouldn’t misuse the data and would destroy it all in…
More drama in the world of ransomware? Was Vard Group victimized twice?
Now what happened here? The Sodinokibi (“REvil”) ransomware operators have a new post that seems to claim that one of their victims was defrauded by a recovery company to the tune of $5.5 million. Vard Group, a Norwegian unit of shipbuilder Fincantieri SpA, was attacked in June 2020. But what happened next? It sounds like the…
Government software provider Tyler Technologies appears to have been hit by RansomExx ransomware – report
Lawrence Abrams reports: Leading government technology services provider Tyler Technologies has suffered a ransomware attack that has disrupted its operations. Tyler Technologies is one of the largest U.S. software development and technology services companies dedicated to the public sector. Read more on BleepingComputer.
AL: St. Clair County is latest victim of cyberattack
WBRC reports: St. Clair County Commission Chairman Paul Manning said the county is a victim of a cyberattack, but no data has left the system. Manning said on September 21, 2020, around 7:00 p.m., St. Clair County was the target of the cyberattack. The county immediately began taking actions to mitigate and remediate any hardware…
Big Game Hunting: Now in Russia
Rustam Mirkasymov and Oleg Skulkin of Group-IB write: The email raised no suspicions. An employee of a Russian medical company boldly clicked on the link and downloaded the attached ZIP archive. The message with the subject “Bill due” looked like it had been sent by the Finance Department of a large Russian media holding, the…