IT Governance

JUNE 1, 2022

Ransomware. Ransomware. You can find the full list below, with incidents affecting UK organisations listed in bold. Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. Cyber attacks. Data breaches. Financial information. In other news….

Data breaches 126

Data breaches Ransomware Phishing Education 126

IT Governance

OCTOBER 26, 2021

We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches. In more positive news, we reported on just 79 ransomware attacks in Q3, compared to 107 in the previous quarter.

Data breaches 130

Data breaches Retail Government Ransomware 130

IT Governance

FEBRUARY 21, 2024

ALPHV/BlackCat ransomware gang adds 2.7 TB of ASA Electronics data to its leak site The ALPHV/BlackCat ransomware gang is attempting to extort a ransom from ASA Electronics for 2.7 It is not known how long the database was publicly available, nor whether anyone else accessed it. Date breached: 384,658,212 records. Data breached: 2.7

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

IT Governance

APRIL 12, 2022

We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches. One reason that these types of attack account for such a high percentage of the total is the dramatic decrease in ransomware.

Data breaches 115

Data breaches Ransomware Government Retail 115

IT Governance

OCTOBER 19, 2022

We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches. Part of the reason that these attacks account for such a high percentage of the total is the way organisations address ransomware attacks.

Data breaches 116

Data breaches Ransomware Phishing Government 116

IT Governance

JULY 11, 2022

We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches. Part of the reason that these attacks account for such a high percentage of the total is the decrease in ransomware attacks.

Data breaches 105

Data breaches Ransomware Phishing Government 105

The Last Watchdog

JULY 13, 2023

The data shows how perceptions around cyber and technology risks, from ransomware and other cyber-attacks to the threats posed by AI, are changing the global business risk landscape. The economic impact of cybercrime on business across the globe continues to reach new levels, with the cost predicted to reach US$10.5

Risk 161

Risk Insurance Energy and Utilities Marketing 161

IT Governance

FEBRUARY 14, 2024

GB City of Clemson, South Carolina Source New Public USA Yes 21,056 DGX-Dependable Hawaiian Express Source New Professional services USA Yes 20 GB Verdimed Source New Agricultural Spain Yes 19 GB Watchmax Source New Retail UK Yes 15,000 Del-Tron Precision Source New Manufacturing India Yes 8.9 GB Signature Performance, Inc.

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

IT Governance

JANUARY 9, 2023

We also give ransomware its own category, due in part to the frequency of attacks and to differentiate it from intrusions that may be harder to detect, such as password breaches. Meanwhile, we discovered 255 ransomware attacks during the year (24% of all publicly disclosed incidents). Keeping your organisation secure.

Data breaches 126

Data breaches Ransomware Government Passwords 126

IT Governance

JULY 13, 2021

We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches. Finally, we’ve seen a continuation in the rise of ransomware. One reason for this might be the increasing normalisation of ransomware attacks.

Data breaches 98

Data breaches Retail Ransomware Government 98

Security Affairs

FEBRUARY 9, 2020

In December, Maastricht University was hit with ransomware attack, now the university admitted to have paid the ransom requested by crooks. In December 2019, Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on December 23. The backup of a limited number of systems was also affected.”

Ransomware 100

Ransomware Encryption Passwords Retail 100

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. The compromised data allegedly includes names, email addresses and phone numbers. Data breached: 41,500,000 records.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

IT Governance

JANUARY 9, 2020

Ransomware will continue to increase. The complexity of ransomware is such that there have been decoders released by attackers that have bugs that prevent the decryption of the data. The retail and hospitality industries will continue to have their POS equipment targeted. Open banking will be targeted.

Security 98

Security IoT Phishing Ransomware 98

IT Governance

APRIL 12, 2023

We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches. Elsewhere, we continue to see an increase in publicly reported ransomware attacks.

Data breaches 59

Data breaches Ransomware Government Encryption 59

Security Affairs

MAY 1, 2023

Russian TA505 hacking group , aka Evil Corp , has been active since 2014 focusing on Retail and banking sectors. The TA505 group was involved in campaigns aimed at distributing the Dridex banking Trojan, along with Locky , BitPaymer , Philadelphia , GlobeImposter , and Jaff ransomware families.

Retail 83

Retail Access Education Security 83

Adam Levin

NOVEMBER 25, 2020

The incidence of ransomware attacks has continued to climb, over 700% by some estimates in 2020 in comparison to 2019, with phishing emails being the primary vector. Many online retailers depend heavily on outreach and advertising via email and social media networks to bolster their sales through the holiday season.

Cybersecurity 76

Cybersecurity Retail Phishing Sales 76

IT Governance

DECEMBER 20, 2022

April saw a ransomware gang bucking the much-repeated advice given by cyber security researchers that criminal hackers target vulnerabilities rather than specific organisations. By comparison, a report published last year found that US firms pay $6 million on average in ransomware demands. Source: Security Affairs.

Security 132

Security Data breaches Ransomware Military 132

KnowBe4

DECEMBER 6, 2022

The users were able to impersonate an infinite number of entities (such as banks, retail companies and government institutions) for financial gain and substantial losses to victims. Ransomware, Ransom-war and Ran-some-where: What We Can Learn When the Hackers Get Hacked. Ransomware strikes organizations almost every two seconds.

Security awareness 91

Security awareness Phishing Risk Insurance 91

IT Governance

MARCH 11, 2024

Source (New) Retail Italy Yes 436,932 Toner-dumping.de Source (New) Retail Germany Yes 334,000 Yakima Valley Radiology, PC Source 1 ; source 2 (New) Healthcare USA Yes 235,249 Consorzio Innovation Source (New) Professional services Italy Yes 225 GB Northeast Orthopaedics & Sports Medicine Source (New) Healthcare USA Yes 177,276 Strike.me

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

DECEMBER 5, 2023

The company’s description of the incident suggested ransomware. This was confirmed about a fortnight later, in early November, when the ALPHV/BlackCat ransomware group took responsibility for the attack , claiming to have encrypted Henry Schein’s files and exfiltrated 35 TB of data. Source (New) Education USA Yes 1,493 Kimber Mfg.,

Data Privacy 106

Data Privacy Privacy Manufacturing Retail 106

Hunton Privacy

DECEMBER 15, 2017

Panelists were presented with two consumer harm and injury hypotheticals (one in a privacy context, based on retail tracking and marketing, and one in a security context, based on unauthorized access to company consumer data) and asked to assess at which stage of the hypothetical they believed consumer injury was taking place.

Privacy 42

Privacy Risk Retail Insurance 42

IT Governance

DECEMBER 11, 2023

suffers second ransomware attack in months Having been struck by a ransomware attack in October by the BlackSuit group , which led to operations and appointments being postponed, Akumin Inc. has suffered a second attack, this time by the BianLian ransomware group. Source (New) Retail USA Yes 2,469 Three GreatStar Industrial Co.

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

IT Governance

JANUARY 30, 2024

Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5 Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

IT Governance

JANUARY 3, 2024

GB Universidad de La Punta Source (New) Education Argentina Yes 47,562 (95,123 lines; probably half repeated) Unfallkasse Thüringen Source (New) Insurance Germany Yes 45 GB Protektor24.ru Source (New) Manufacturing USA Yes >400 GB Hafez Insurance Co. Source 1 ; source 2 (New) Manufacturing Australia Yes 95.19

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

IT Governance

JANUARY 23, 2024

Known records breached Naz.API (likely belonging to multiple organisations) Source (New) Unknown Unknown Yes 70,840,771 VF Corporation Source 1 ; source 2 (Update) Retail USA Yes 35,500,000 Pastelería Mozart Source (New) Hospitality Chile Yes 10,870,524 Foxsemicon Integrated Technology, Inc. Organisation(s) Sector Location Data breached?

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

OCTOBER 3, 2022

Ransomware. Ransomware. Costa Rica’s Junta De Proteccion Social hit by ransomware (unknown) Former students and staff at Savannah College of Art and Design affected by security incident (unknown) Ransomware attack takes down L.A. Cyber attacks. Data breaches. Malicious insiders and miscellaneous incidents. Cyber attacks.

Data breaches 143

Data breaches Ransomware Education Phishing 143

IT Governance

FEBRUARY 27, 2024

TB The Peddie School Source (New) Education USA Yes 1.2 GB Tiete Automobile Source (New) Retail Brazil Yes 68.5 TB The Peddie School Source (New) Education USA Yes 1.2 GB Tiete Automobile Source (New) Retail Brazil Yes 68.5 TB Roncelli Plastics Source (New) Manufacturing USA Yes 1.6

Data Privacy 52

Data Privacy Manufacturing Privacy Data breaches 52

IT Governance

APRIL 9, 2024

TB Allium UPI, UAB, Apotheka, Apotheka Beauty and PetCity Source (New) Manufacturing Estonia Yes 1,190,000 Aero Dynamic Machining, Inc. TB Allium UPI, UAB, Apotheka, Apotheka Beauty and PetCity Source (New) Manufacturing Estonia Yes 1,190,000 Aero Dynamic Machining, Inc. Source (New) Manufacturing USA Yes 1.1

Data Privacy 52

Data Privacy Privacy Security Retail 52

IT Governance

FEBRUARY 6, 2024

Schneider Electric hit by Cactus ransomware The Sustainability Business division of the energy company Schneider Electric suffered a ransomware attack on 17 January, disrupting the company’s Resource Advisor platform. Data breached: 13,300,000 records.

Data Privacy 88

Data Privacy Privacy Insurance Security 88

ForAllSecure

MAY 17, 2023

Small to Medium Business are, today, the target of APTs and ransomware. MUSIC} VAMOSI: In EP 49, I talked with Huntress, a managed service provider that discovered the ransomware affecting customers of Keysea. And because they were plugged into those clients, they were able to limit the spread of the ransomware.

Insurance 40

Insurance Privacy Ransomware GDPR 40

eSecurity Planet

FEBRUARY 16, 2021

Ransomware. Unlike ransomware, it might be a criminal operation that does not involve the collection of a ransom. User education is one of the most powerful tools for preventing malicious mobile apps. Email is also usually how ransomware works. Since 2008, RAM scraping has been a boon for retailers. Ransomware.

Phishing 104

Phishing Ransomware Passwords Access 104

IT Governance

MAY 4, 2021

Ransomware was again one of the biggest contributors to that total, accounting for almost one in three data breaches. Ransomware. Ransomware. It was another busy month in the cyber security sector, as we discovered 143 incidents that resulted in 1,098,897,134 breached records. Cyber attacks. Data breaches. Financial information.

Data breaches 115

Data breaches Ransomware Computer and Electronics Healthcare 115

IT Governance

JUNE 1, 2023

A month later, a ransomware attack shut down the company’s operations in Italy and China. MCNA Insurance later confirmed that 8,923,662 people were affected in the incident and said the breach was a result of a ransomware attack. One criminal gang said that it had targeted the organisation and encrypted its systems.

Data breaches 122

Data breaches Insurance Personal data Ransomware 122

IT Governance

AUGUST 29, 2019

Australian education provider TAFE NSW hit by phishing scam (30). Ransomware. Ransomware strain targets German organisations, wipes files (unknown). Oklahoma-based Broken Arrow school system hit by ransomware (unknown). Arizona’s Camp Verde Unified School District hit by ransomware as school year starts (unknown).

Data breaches 111

Data breaches Phishing Ransomware Personal data 111

IT Governance

SEPTEMBER 17, 2018

It has been reported that a speculative ransomware attack on the airport resulted in its information screens being taken offline, and flight information being written on whiteboards, although no flights were delayed. Ransomware is a type of malicious programme that demands payment after launching a cyber attack on a computer system.

Ransomware 84

Ransomware Phishing Education Risk 84

eSecurity Planet

JANUARY 27, 2022

As threats mount from ransomware gangs , Russian-backed hacker groups , and other nation-sponsored attackers and as the growth in remote work makes security management increasingly complicated, many companies are finding it makes sense to turn to a managed security service provider (MSSP) for help with handling an extremely complex threat landscape.

Security 101

Security Cloud Compliance Analytics 101

IT Governance

DECEMBER 19, 2023

8 TB of data exfiltrated from Advantage Group International Following an outage affecting its leak site (see the ‘Enforcement’ section below), the ALPHV/BlackCat ransomware group is listing only a single incident: a data breach affecting the business management consultant Advantage Group International. Source (New) Finance USA Yes 1.1

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52