City of Lowell
April 25, 2023
•[ ransomware, malware, government ]
The City of Lowell announces to have been hit by a ransomware attack. The Play ransomware gang claims responsibility for the attack.
Multimedica
April 25, 2023
•[ ransomware, malware, healthcare ]
Multimedica is hit with a ransomware attack and several hospitals in Italy cannot provide services to their patients.
Clarke County Hospital
April 24, 2023
•[ ransomware, malware, healthcare ]
The Clarke County Hospital is added to the list of the Royal ransomware victims.
Fullerton India
April 24, 2023
•[ ransomware, malware, finance ]
The LockBit ransomware claims to have hit Indian non-bank lender Fullerton India and threatens to dump more than 600 gigabytes of financial data unless it receives a $3 million extortion payment.
Yellow Pages Canada
April 24, 2023
•[ ransomware, malware, technology ]
Yellow Pages Canada, a Canadian directory publisher confirms to have been hit by a cyber attack. The Black Basta ransomware and extortion gang claims responsibility for the attack and posts sensitive documents and data over the weekend.
National Gallery of Canada
April 23, 2023
•[ ransomware, malware, government ]
The National Gallery of Canada says it's 'recovering' following a ransomware attack.
Naivas
April 23, 2023
•[ ransomware, malware, retail ]
Kenya's Naivas supermarket chain is the victim of a BlackCat ransomware incident.
Albany ENT & Allergy Services
April 23, 2023
•[ ransomware, malware, healthcare ]
Both BianLian and RansomHouse ransomware gangs list Albany ENT & Allergy Services in their leak site.
Allied Benefit
April 22, 2023
•[ ransomware, leak, malware ]
The Cl0p ransomware gang leaks some data from Allied Benefit allegedly exfiltrated exploiting the CVE-2023-0669 Fortra GoAnywhere MFT Vulnerability.
CloudMed
April 22, 2023
•[ ransomware, malware, finance ]
The Cl0p ransomware gang leaks some data from CloudMed allegedly exfiltrated exploiting the CVE-2023-0669 Fortra GoAnywhere MFT Vulnerability.
ITx
April 22, 2023
•[ ransomware, malware, finance ]
The Cl0p ransomware gang claims to have hacked ITx, a revenue management company, allegedly exfiltrated exploiting the CVE-2023-0669 Fortra GoAnywhere MFT Vulnerability.
MedExHCO
April 22, 2023
•[ ransomware, malware, finance ]
The Cl0p ransomware gang claims to have hacked MedExHCO, allegedly exfiltrated exploiting the CVE-2023-0669 Fortra GoAnywhere MFT Vulnerability.
Multiplan
April 22, 2023
•[ ransomware, malware, finance ]
The Cl0p ransomware gang claims to have hacked Multiplan, allegedly exfiltrated exploiting the CVE-2023-0669 Fortra GoAnywhere MFT Vulnerability.
Cementos Progreso
April 21, 2023
•[ ransomware, leak, malware ]
Cementos Progreso is added to BlackCat's ransomware leak site. As proof, they offer some samples with internal documents.
Logistica Integrada Sulamericana (LISA)
April 21, 2023
•[ ransomware, malware ]
Logistica Integrada Sulamericana (LISA) is listed in the BlackCat's ransomware leak site.
Seguros la Occidental
April 21, 2023
•[ ransomware, malware, finance ]
Seguros la Occidental, a Venezuelan insurer that offers general and life insurance products, is added to BlackCat's ransomware leak site with samples containing 27 screenshots of images of various insurance company documents that included ID cards.
Saville Row
April 21, 2023
•[ ransomware, leak, malware ]
Saville Row, a Chilean clothing store, is added to BlackCat's ransomware leak site.
Peachtree Orthopedics
April 20, 2023
•[ ransomware, malware, healthcare ]
Peachtree Orthopedics posts a notice of data breach on the company's website after determining that an unauthorized party had gained access to its computer network. The Karakurt ransomware gang claims responsibility for the attack.
Coldiretti
April 19, 2023
•[ ransomware, malware ]
Coldiretti, the Italian organization of agricultural entrepreneurs, suffers a Play ransomware attack.
PaperCut
April 19, 2023
•[ ransomware, malware, technology ]
Print management software developer PaperCut warns customers to update their software immediately, as hackers are actively exploiting two flaws, ZDI-CAN-18987 / PO-1216 and ZDI-CAN-19226 / PO-1219, to gain access to vulnerable servers. Later the attacks are attributed to the Cl0p ransomware gang.
