Groups, Ransomware and Retail - Information Management Today

Hive Ransomware Group Leaks Data From European Retailer

Data Breach Today

DECEMBER 8, 2022

Black Friday Attack Affected Intersport Outlets in Northern France The Hive ransomware-as-a-service group says it posted customer data obtained during a November attack against French sports retailer Intersport.

Retail

Retail Ransomware Government IT

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

Security Affairs

JANUARY 1, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. Coop is one of the largest retail and grocery providers in Sweden, with approximately 800 stores across the country. The Cactus ransomware group added Coop to the list of victims on its Tor leak site.

Retail

Retail Ransomware Encryption Access

Clop Crime Group Adds 62 Ernst & Young Clients to Leak Sites

Data Breach Today

JULY 11, 2023

Victims Include Airline, Banks, Hospitals, Retailers in Canada The growing list of MOVEit cyberattack victims has grown. Sixty-two 62 clients of Big Four accounting firm Ernst & Young now appear on the Clop ransomware group's data leak sites.

Retail

Retail Ransomware

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

From St. Louis to France, Ransomware Victim List Expands

Data Breach Today

NOVEMBER 23, 2020

Among the Causes: Hit Against Managed.com Website Hosting Giant Ransomware continues to pummel many types of organizations, recently including South Korea's E-Land retail group, French newspaper Paris-Normandie and a Georgia county school system.

Ransomware

Ransomware Retail

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Security Affairs

NOVEMBER 15, 2020

Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores, Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud, the incident impacted operations at its stores.

Retail

Retail Ransomware Encryption IT

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

MAY 11, 2020

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. The 35,000-employee company also produces point-of-sale systems and software used by many retailers. in March. . WEEKEND WARRIORS.

Ransomware

Ransomware Retail Sales Data breaches

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. LockBit remained the most active group through 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

JANUARY 30, 2024

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. The attack was carried out by the Cactus ransomware gang , which claims to have stolen terabytes of corporate data from the company. The Cactus ransomware relies on multiple legitimate tools (e.g.

Ransomware

Ransomware Data breaches Digital transformation Encryption

American retailer Guess discloses data breach after ransomware attack

Security Affairs

JULY 13, 2021

American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers. In February, American fashion brand Guess was hit by a ransomware attack, now the company is disclosing a data breach and is notifying affected customers. Pierluigi Paganini.

Retail

Retail Data breaches Ransomware Access

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

FEBRUARY 19, 2024

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pilfering 1.5TB of data from the Energy management and industrial automation giant Schneider Electric.

Ransomware

Ransomware Digital transformation Encryption Retail

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware

Ransomware Encryption Government Retail

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs

FEBRUARY 20, 2020

S ome operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain. Fuel sales at our retail locations continue unhindered.

Ransomware

Ransomware Encryption Retail Sales

Retailer WH Smith discloses data breach after a cyberattack

Security Affairs

MARCH 2, 2023

Retailer WH Smith disclosed a data breach following a cyber attack, threat actors had access to access company data. Retailer WH Smith revealed that threat actors have breached its infrastructure and had access to the data of about 12,500 current and former employees.

Retail

Retail Data breaches Access Ransomware

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. ” reads the Elliptic’s report.

Ransomware

Ransomware Blockchain Retail Insurance

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. The company said that the ransomware attack took place on Friday night and impacted only one data center in Sweden. The company later confirmed the news of an Akira ransomware attack.

Ransomware

Ransomware Government Retail Cloud

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Krebs on Security

FEBRUARY 1, 2024

“R,” “R$” and “ElSwapo1,” was the ringleader of a SIM-swapping group called the “Powell SIM Swapping Crew.” ” Colorado resident Emily “Em” Hernandez allegedly helped the group gain access to victim devices in service of SIM-swapping attacks between March 2021 and April 2023.

Blockchain

Blockchain Ransomware Retail Analytics

Ransomware at IT Services Provider Synoptek

Krebs on Security

DECEMBER 27, 2019

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. A now-deleted Tweet from Synoptek on Dec. A now-deleted Tweet from Synoptek on Dec.

Ransomware

Ransomware IT Phishing Financial Services

Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

Security Affairs

DECEMBER 3, 2020

E-Land Retail suffered a ransomware attack, Clop ransomware operators claim to have stolen 2 million credit cards from the company. E-Land Retail is a South Korean conglomerate headquartered in Changjeon-dong Mapo-gu Seoul, South Korea. It has operations worldwide through its subsidiary E-Land World. Pierluigi Paganini.

Ransomware

Ransomware Retail Encryption Sales

RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna

Security Affairs

AUGUST 6, 2021

RansomEXX ransomware operators hit the popular Italian luxury fashion house Ermenegildo Zegna Holding and started leaking stolen files. Ermenegildo Zegna Group is the largest menswear brand in the world by revenue. Ermenegildo Zegna Group is the largest menswear brand in the world by revenue. Pierluigi Paganini.

Ransomware

Ransomware Archiving Retail Manufacturing

Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware

Security Affairs

AUGUST 20, 2021

Lojas Renner, the largest Brazilian department stores clothing company, suffered a ransomware attack that impacted its IT infrastructure. Lojas Renner, the largest Brazilian department stores clothing company, announced to have suffered a ransomware attack that impacted its IT infrastructure. SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Retail Data breaches Marketing

Oil and gas giant Shell is another victim of Clop ransomware attacks

Security Affairs

JUNE 16, 2023

British multinational oil and gas company Shell has confirmed that it has suffered a ransomware attack conducted by the Clop group. The Clop ransomware gang claims to have hacked hundreds of companies by exploiting the above issue. The group claimed to have compromised the companies by exploiting the zero-day CVE-2023-34362.

Ransomware

Ransomware Data breaches Retail Government

Ransomware attack disrupted store operations in the Netherlands and Germany

Security Affairs

NOVEMBER 8, 2021

Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Bleeping Computer, citing screenshots posted on Twitter, reported that 3,100 servers were infected with the ransomware. The Hive ransomware adds the.hive extension to the filename of encrypted files.

Ransomware

Ransomware Computer and Electronics Retail Sales

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

The QakBot banking trojan has dropped the ProLock ransomware, they are now opting for the Egregor ransomware in their operations. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware.

Ransomware

Ransomware Retail Encryption Manufacturing

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches

Data breaches Security MDM Ransomware

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

ransomware attacks against Australian organizations starting July 2021. ransomware attacks against Australian organizations in multiple industry sectors starting July 2021. The Australian agency also published 2021-006: ACSC Ransomware Profile – Lockbit 2.0 ransomware. . ransomware. in Australia since 2020.

Ransomware

Ransomware Retail Security Manufacturing

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.

Ransomware

Ransomware IT Healthcare Phishing

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Security Affairs

JUNE 7, 2023

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. The group has fixed the deadline on June 14.

Ransomware

Ransomware Retail Personal data Authentication

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Luxottica Group S.p.A. Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. ” explained Odysseus. Pierluigi Paganini.

Ransomware

Ransomware IT Retail Manufacturing

Clop ransomware gang was testing MOVEit Transfer bug since 2021

Security Affairs

JUNE 9, 2023

Researchers discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. Kroll security experts discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. The group has fixed the deadline on June 14.

Ransomware

Ransomware Retail Access Personal data

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts and accessories retailers in the United States.

Data breaches

Data breaches Retail Education Ransomware

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

Authentication

Authentication Retail Passwords Ransomware

FBI warns US organizations of ProLock ransomware decryptor not working

Security Affairs

MAY 18, 2020

issued a flash alert to warn organizations in the United States that the ProLock ransomware decryptor doesn’t work properly. issued a flash alert to warn organizations of the new threat actor targeting healthcare, government, financial, and retail industries in the US. ” reads the report published by Group-IB.

Ransomware

Ransomware Retail Access Security

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Office furniture company Steelcase was hit by Ryuk ransomware attack that forced it to shut down its network to avoid the malware from spreading. Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware, the incident impacted reservation systems. The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division with stores in cities throughout Michigan. Pierluigi Paganini.

Ransomware

Ransomware Retail Manufacturing Encryption

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

” The TA505 group was first spotted by Proofpoint back 2017, it has been active at least since 2015 and targets organizations in financial and retail industries. In November experts observed several campaigns carried out by the TA505 group, in three of them the threat actors delivered the ServHelper malware.

IT

IT Financial Services Retail Ransomware

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Security

Security Ransomware Data breaches IoT

List of Data Breaches and Cyber Attacks in June 2022 – 34.9 Million Records Breached

IT Governance

JUNE 30, 2022

Ransomware. million) Brazilian retailer Fast Shop confirms cyber attack (unknown) ADM Associates announces security incident (unknown) Guardian Fueling Technologies has been hacked (unknown) Pape-Dawson Engineers, Inc. Cyber attacks. Data breaches. Financial information. Malicious insiders and miscellaneous incidents. In other news….

Data breaches

Data breaches Ransomware Personal data Blockchain

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

JULY 1, 2021

Ransomware. Ransomware. discloses ransomware incident (unknown). discloses ransomware incident (unknown). discloses ransomware incident (unknown). Cyber attacks. Data breaches. Financial information. Malicious insiders and miscellaneous incidents. In other news…. Cyber attacks. Find out more.

Data breaches

Data breaches Ransomware Computer and Electronics Retail

DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape

Security Affairs

JULY 15, 2019

Some of the crooks behind the Dridex Trojan have split from the gang and released a forked version of the BitPaymer ransomware dubbed DoppelPaymer. Cybercrime gang tracked as TA505 has been active since 2014 and focusing on Retail and Banking industries. ” Now experts found a new variant of the ransomware tracked as DoppelPaymer.

Ransomware

Ransomware Encryption Agriculture Retail

UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day

Security Affairs

JUNE 13, 2023

UK communications regulator Ofcom suffered a data breach after a Clop ransomware attack exploiting the MOVEit file transfer zero-day. UK’s communications regulator Ofcom disclosed a data breach after a Clop ransomware attack.

Communications

Communications Data breaches Ransomware Personal data

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

The data shows how perceptions around cyber and technology risks, from ransomware and other cyber-attacks to the threats posed by AI, are changing the global business risk landscape. Paul Bantick, Group Head of Cyber Risks, Beazley said: “Business leaders are finding it a struggle to keep up with the constantly evolving cyber threat.

Risk

Risk Insurance Energy and Utilities Marketing

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

Most online retailers grew wise to these scams years ago and stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. The stuffers use stolen cards to purchase high-value products from merchants and have the merchants ship the items to the drops’ address.

Marketing

Marketing Retail Blockchain Communications

List of Data Breaches and Cyber Attacks in March 2021 – 21 Million Records Breached

IT Governance

APRIL 1, 2021

We typically expect ambiguity when it comes to ransomware, because organisations are locked out of their files and can’t calculate what’s been affected. Ransomware. Ransomware. The issue is that in far more cases than we’d expect, the number of breached records wasn’t included in the notification, so we can’t include it here.

Data breaches

Data breaches Ransomware Manufacturing e-Delivery

List of data breaches and cyber attacks in November 2020 – 586 million records breached

IT Governance

DECEMBER 1, 2020

Ransomware. Ransomware. As usual, incidents affecting UK organisations are in bold. Cyber attacks. Data breaches. Financial information. Malicious insiders and miscellaneous incidents. In other news…. Cyber attacks.

Data breaches

Data breaches Ransomware e-Discovery Personal data

Hive Ransomware Group Leaks Data From European Retailer

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

Webinars

Trending Sources

Clop Crime Group Adds 62 Ernst & Young Clients to Leak Sites

Webinars

From St. Louis to France, Ransomware Victim List Expands

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Ransomware Hit ATM Giant Diebold Nixdorf

Ransomware attacks break records in 2023: the number of victims rose by 128%

Cactus ransomware gang claims the Schneider Electric hack

American retailer Guess discloses data breach after ransomware attack

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

PYSA ransomware gang is the most active group in November

Croatia’s largest petrol station chain INA group hit by ransomware attack

Retailer WH Smith discloses data breach after a cyberattack

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Ransomware at IT Services Provider Synoptek

Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna

Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware

Oil and gas giant Shell is another victim of Clop ransomware attacks

Ransomware attack disrupted store operations in the Netherlands and Germany

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

FIN11 gang started deploying ransomware to monetize its operations

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Nefilim ransomware gang published Luxottica data on its leak site

Clop ransomware gang was testing MOVEit Transfer bug since 2021

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

FBI warns US organizations of ProLock ransomware decryptor not working

Steelcase office furniture giant hit by Ryuk ransomware attack

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

List of Data Breaches and Cyber Attacks in June 2022 – 34.9 Million Records Breached

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape

UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

List of Data Breaches and Cyber Attacks in March 2021 – 21 Million Records Breached

List of data breaches and cyber attacks in November 2020 – 586 million records breached

Stay Connected