ransomware
Romanian energy supplier Electrica hit by ransomware attack
Electrica Group, a key player in the Romanian electricity distribution and supply market, is investigating a ransomware attack that was still “in progress” earlier today. The company serves over 3.8 million users with nationwide coverage for electricity supply, maintenance, and energy services, distributing electricity to customers across Transilvania and Muntenia. Electrica was established as a […]
Blue Yonder SaaS giant breached by Termite ransomware gang
The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder. Blue Yonder (formerly JDA Software and operating as a Panasonic subsidiary) is an Arizona-based worldwide supply chain software provider for retailers, manufacturers, and logistics providers. Its list of over 3,000 customers includes other high-profile […]
Anna Jaques Hospital ransomware breach exposed data of 300K patients
Anna Jaques Hospital has confirmed on its website that a ransomware attack it suffered almost precisely a year ago, on December 25, 2023, has exposed sensitive health data for over 310,000 patients. Anna Jaques is a not-for-profit community hospital in Massachusetts, recognized for delivering high-quality care and performing over 4,700 surgeries yearly. As a mid-size acute […]
UK disrupts Russian money laundering networks used by ransomware
A law enforcement operation led by the United Kingdom’s National Crime Agency (NCA) has disrupted two Russian money laundering networks working with criminals worldwide, including ransomware gangs. Dubbed “Operation Destabilise,” this international investigation has led to the arrest of 84 Russian-speaking suspects linked to the Smart (led by Ukrainian George Rossi) and TGR (controlled by […]
BT unit took servers offline after Black Basta ransomware breach
Multinational telecommunications giant BT Group (formerly British Telecom) has confirmed that its BT Conferencing business division shut down some of its servers following a Black Basta ransomware breach. BT Group is the United Kingdom’s leading fixed and mobile telecom provider. It also provides managed telecommunications, security, and network and IT infrastructure services to customers in […]
Vodka maker Stoli files for bankruptcy in US after ransomware attack
Stoli Group’s U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company’s remaining distilleries in the country. As Chris Caldwell, the President and Global Chief Executive Officer of Stoli USA and Kentucky Owl, the two Stoli Group subsidiaries, said in a Friday filing, this comes after the August attack […]
Russia arrests cybercriminal Wazawaka for ties with ransomware gangs
Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hacking groups. While the prosecutor’s office has yet to release any details on the individual’s identity (described as a “programmer” in court documents), the individual is […]
Bologna FC confirms data breach after RansomHub ransomware attack
Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group. The Italian football team warns not to download or disseminate any of the stolen data, claiming it is a “serious criminal offense.” “Bologna FC 1909 S.p.a. would like to communicate that a ransomware cyber […]
Helldown ransomware exploits Zyxel VPN flaw to breach networks
The new ‘Helldown’ ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. French cybersecurity firm Sekoia is reporting this with medium confidence based on recent observations of Helldown attacks. Although not among the major players in the ransomware space, Helldown has quickly grown since […]
US charges Phobos ransomware admin after South Korea extradition
Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing cybercrime charges in the United States. Phobos is a long-running ransomware-as-a-service (RaaS) operation (derived from the Crysis ransomware family) widely distributed through many affiliates. Between May 2024 and November 2024, it accounted for roughly 11% of all […]