Anthony Ha reports: The Port of Seattle released a statement Friday confirming that it was targeted by a ransomware attack. The attack occurred on August 24, with the Port (which also operates the Seattle-Tacoma International Airport) saying it had “experienced certain system outages indicating a possible cyberattack.” The Port is now describing this as “a ‘ransomware’ attack…
Category: Malware
Deal made with whistleblower after Columbus’ data leak drew global attention, deal still muzzles whistleblower
There’s an update to a disturbing story that involved a Franklin County judge granting the City of Columbus a temporary restraining order against Connor Goodwolf. Goodwolf has been providing information to the media and the public about a ransomware attack on the city and was refuting the city’s claims about the impact of the attack…
Proposed $65 million Lehigh Valley Health Network data breach settlement may compensate some victims $80,000
In 2023, a ransomware attack against Lehigh Valley Health Network by AlphV (BlackCat) involved the threat actors leaking nude photos of some cancer patients. In reporting on one of the first class action lawsuits launched against LVHN, DataBreaches pointed out how significant this situation and litigation might be, in part, because of the nude photos…
Columbus’ head of tech claims ransomware group ignored city before data leak; Rhysida says they’re lying (1)
Mark Feuerborn and Isabel Cleary report: Columbus’ massive data leak has been described as a ransomware attack, but the city’s head of technology revealed something new Monday night about the incident: not only was there no ransom, attempts to negotiate with the hackers behind it went unanswered. The Columbus City Council was on break through August,…
Microchip Technology confirms data was stolen in cyberattack
Sergiu Gatlan reports: American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang. Headquartered in Chandler, Arizona, the chipmaker has around 123,000 customers from multiple industry sectors, including industrial, automotive, consumer, aerospace and defense, communications, and computing…
A new variant of Cicada ransomware targets VMware ESXi systems
Pierluigi Paganini reports: Cicada 3301 is a new ransomware-as-a-service (RaaS) operation that appeared in the threat landscape. The group appears to be very active and already listed 23 victims on its extortion portal since mid-June. The following image shows the list of victims published by the gang on its Dark Web leak site. […] The…