-
Undetermined
January 14, 2022
On January 14, 2022 Orthodox New Year, over 70 Ukrainian government websites were defaced with political imagery and a statement in Russian, Ukrainian, and Polish before going down temporarily. Most sites were restored within hours. The attack crippled much of the government's public-facing digital infrastructure, including the most widely used site for handling government services online, Diia. Diia also has a role in Ukraine's coronavirus response and in encouraging vaccination. It also crippled the sites of the Cabinet of Ministers, and the ministries of energy, sports, agriculture, veterans' affairs, and ecology. The Ukrainian company Kitsoft also confirmed that it found the WhisperGate malware on some of its systems. At least 50 of the 70 sites targeted for defacement were developed and maintained by Kitsoft. Kitsoft was compromised, which allowed the hackers to gain access to Kitsoft's administrator panel and use the company's credentials to deface customer web sites.
-
Polish Ministry of Defense
January 14, 2022
•
[ espionage, government ]
Polish Ministry of National Defnse databases containing sensitive military information are compromised.
-
Goodwill
January 14, 2022
•
[ leak, misconfiguration, retail ]
American non-profit Goodwill suffers data breach involving information of customers using its e-commerce platform.
-
Ballad Health
January 13, 2022
•
[ social, phishing, healthcare ]
Ballad Health discloses a phishing incident that potentially led to protected health information (PHI) exposure.
-
Priority Building Services, LLC
January 13, 2022
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Lewis & Clark College
January 13, 2022
•
[ ransomware, leak, malware ]
The Quantum ransomware gand drops leaked data samples on their TOR site.
-
Undetermined
January 13, 2022
Microsoft identified a destructive malware (dubbed WhisperGate) operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. The malware is assessed to be designed to look like ransomware but lacking a ransom recovery mechanism and is intended to be destructive rendering targeted devices inoperable rather than to obtain a ransom. Victims span multiple government, non-profit, and information technology organizations. A Ukrainian IT company also confirmed that it found the WhisperGate malware on some of its systems. At least 50 of the 70 sites targeted for defacement were developed and maintained by the said IT company. The latter was compromised, which allowed the hackers to gain access to its' administrator panel and use the company's credentials to deface customer web sites. Microsoft named the samples WhisperGate, while other security companies labeled the downloader as WhisperGate and WhisperKill as the actual wiper, which was considered a component of WhisperGate.
-
-
Boulder County
January 12, 2022
•
[ financial, social, phishing ]
Boulder County is able to recover the almost $238,000 it mistakenly sent to a fraudulent account after a phishing scam in September.
-
Catholic Hospice
January 12, 2022
•
[ social, phishing, healthcare ]
Catholic Hospice suffers phishing attack resulting in unauthroized access to employee email account containing patient information.
-
Lhensoldt
January 12, 2022
•
[ ransomware, malware, manufacturing ]
UK subsidiary of multinational defense contractor is hit with a Lorenz ransomware attack.
-
Nixon Williams
January 12, 2022
•
[ ransomware, malware, finance ]
Prominent accounting firm suffers apparent ransomware attack causing significant operations disruptions.
-
Teijin Automotive Technologies
January 12, 2022
•
[ ransomware, malware, manufacturing ]
Teijin Automotive Technologies files notice of a data breach after learning that a ransomware attack compromised confidential information belonging to certain employees.
-
Albuquerque Public Schools
January 12, 2022
•
[ ransomware, malware, education ]
New Mexico school system is hit with ransomware attack forcing school closures effecting about one quarter of the state's students.
-
Parasol Group
January 12, 2022
•
[ hack ]
Parasol Group is hit with a cyber attack resulting in a multi day outage.
-
Emil Frey
January 11, 2022
•
[ ransomware, malware, retail ]
Emil Frey, one of Europe's biggest car dealers, confirms it was hit with a Hive ransomware attack.
-
FDC
January 11, 2022
Documents Leaked on ransomware site.
-
University of Duisburg-Essen (UDE)
January 11, 2022
•
[ ransomware, malware, education ]
The Vice Society ransomware claims responsibility for a November 2022 cyberattack on the University of Duisburg-Essen (UDE) and also leaks files they claim to have stolen from the university during the breach, exposing potentially sensitive details about the university's operations, students, and personnel.
-
ICEHOTEL
January 11, 2022
•
[ ransomware, malware ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Ukrainian Energy Company
January 10, 2022
•
[ hack, malware, energy ]
Researchers at ESET reveal that the Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine.
