Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. R1 RCM Inc.

Blackbaud Ransomware Victim Count Climbing

Data Breach Today

Health Data Breach Tally Shows Impact of Vendor Breach The May ransomware attack on cloud-based fundraising database management vendor Blackbaud continues to rack up victims in the healthcare sector.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents. Ransomware ransomware Tyler Technologies tylertech.com

Ransomware + Exfiltration + Leaks = Data Breach

Data Breach Today

Data-Leaking Extortionists' Revised Playbook Goes Way Beyond Ransomware Ransomware-wielding attackers continue to pummel organizations.

Ransomware Danger: Russian-Speaking Gang Targets Russians

Data Breach Today

So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list

Documented Death from a Ransomware Attack

Schneier on Security

A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. UK hospitals had to redirect patients during the 2017 WannaCry ransomware attack , but there were no documented fatalities from that event.

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. Suspecting a ransomware attack, Diebold said it immediately began disconnecting systems on that network to contain the spread of the malware. Ransomware BleepingComputer Diebold Nixdorf Emsisoft Fabian Wosar Lawrence Abrams ProLock ransomware

More Ransomware Gangs Threaten Victims With Data Leaking

Data Breach Today

22% of Ransomware Incidents Now Involve Data Exfiltration, Investigators Find Ransomware gangs are increasingly not just claiming that they'll leak data if victims don't pay, but following through.

Cognizant: Ransomware Attack Disrupting Services

Data Breach Today

SEC Filing Shows Company Still Assessing Maze Attack IT services and consulting giant Cognizant is still assessing the damage from a ransomware attack on Friday.

99 Ransomware Problems - and a Decryptor Ain't One

Data Breach Today

Criminals Keep Finding New Ways to Make Ransomware Victims Pay With apologies to Jay-Z, getting hit with ransomware might make victims feel like they have 99 problems, even if a decryptor ain't one.

Ransomware Gangs Don’t Need PR Help

Krebs on Security

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Currently, more than a dozen ransomware crime gangs have erected their own blogs to publish sensitive data from victims. Ransomware ransomware

Mac Malware Primarily Infostealer, Not Ransomware

Data Breach Today

Ransomware Reportedly Hits Ventilator Maker

Data Breach Today

Incident Reflects Threats Facing Those Involved in COVID-19 Response A manufacturer of transit communication systems that pivoted to build ventilators during the COVID-19 pandemic is reportedly the latest victim of the DoppelPaymer ransomware gang

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic. A partial screenshot from the REvil ransomware group’s Dark Web blog.

Victims of ThunderX ransomware can recover their files for free

Security Affairs

Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files.

Carnival Cruise Ship Firm Investigating Ransomware Attack

Data Breach Today

the world's largest cruise ship company, is investigating a ransomware attack that likely compromised guest and employee data, according its filing with the SEC. SEC Filing Warns That Guest and Employee Data Likely Compromised Carnival Corp.,

Operators Behind ProLocker Ransomware Seek 'Big Game'

Data Breach Today

Group-IB: Attackers Now Using Qbot Trojan and Demand Huge Ransoms Since March, the operators behind ProLocker ransomware have focused on targeting large enterprise networks with ransomware demands sometimes exceeding $1 million, the security firm Group-IB reports.

Ransomware Bites 400 Veterinary Hospitals

Krebs on Security

National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA said it discovered the ransomware outbreak on the morning of Sunday, Oct.

Analysis: Why Ransomware Gangs Getting Bigger Payoffs

Data Breach Today

The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa

Maze Ransomware Attack Borrows RagnarLocker Hacking Move

Data Breach Today

Ransomware Gang Cross-Pollination Continues as LockBit Launches Its Own Leaks Site Stop me if you think you've heard this one before: Some ransomware attackers are hiding attack code in virtual machines or creating new leaking sites to pressure victims into paying

Newcastle University infected with DoppelPaymer Ransomware

Security Affairs

UK research university Newcastle University suffered a DoppelPaymer ransomware attack and took its systems offline in response to the attack. The post Newcastle University infected with DoppelPaymer Ransomware appeared first on Security Affairs.

Ransomware and DDoS Attacks Disrupt More Schools

Data Breach Today

How Ekans Ransomware Targets Industrial Control Systems

Data Breach Today

Researchers Identified Malware Variants With Advanced Capabilities Researchers with FortiGuard Labs have uncovered two samples of the Ekans ransomware strain that offer some additional insight into how the crypto-locking malware targets industrial control systems, according to a new report.

Lawsuits After Ransomware Incidents: The Trend Continues

Data Breach Today

In Latest Case, Florida Practice Sued for Damages, and Security Mandates Sought A lawsuit seeking damages as well as security mandates has been filed against a Florida-based orthopedic group in the wake of a ransomware incident.

Avaddon Ransomware Joins Data-Leaking Club

Data Breach Today

Operators Create a Dedicated Leak Site, Continue Recruiting Affiliates Yet another ransomware-wielding gang has threatened to steal and leak the data of any victims who refuse to pay a ransom: The operators of Avaddon ransomware have created a dedicated data-leak site that already lists a construction firm victim, and the gang continues to recruit new affiliates

Ransomware: DarkSide Debuts; Script-Kiddies Tap Dharma

Data Breach Today

Crypto-Locking Malware Wielded by Even More Types of Extortionists Ransomware-wielding gangs continue to rack up new victims and post record proceeds.

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

Fresenius , Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. In April, the international police organization INTERPOL warned it “has detected a significant increase in the number of attempted ransomware attacks against key organizations and infrastructure engaged in the virus response.

Ransomware Attack at Hospital Leads to Patient's Death

Data Breach Today

Attack Reportedly Was Intended to Hit University A ransomware attack that reportedly was directed at a German university but shut down emergency services at an affiliated hospital likely contributed to the death of a patient who needed urgent treatment but instead had to be transported to another hospital, delaying care, according to a news report.

‘Double Extortion’ Ransomware Attacks Spike

Threatpost

More ransomware operators are setting up pages where they threaten to publish compromised data from victims - an added pressure for victims to pay the ransom.

Maze Ransomware Attack Hits Cognizant

Threatpost

Cognizant has confirmed that a Friday evening Maze ransomware attack has disrupted its systems. Hacks Malware allied universal cyberattack cognizant cyberattack IOC maze maze ransomware pensacola cyberattack ransomware Ransomware Attack service disruption

Emotet, Ryuk, TrickBot: 'Loader-Ransomware-Banker Trifecta'

Data Breach Today

This "loader-ransomware-banker trifecta has wreaked havoc" in recent years, says security firm Intel 471

Maze ransomware uses Ragnar Locker virtual machine technique

Security Affairs

The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine.

Ransomware: Average Business Payout Surges to $111,605

Data Breach Today

Ryuk and Sodinokibi Largely Responsible for One-Third Increase in Average Payments The average ransom paid by victims to ransomware attackers, when they paid, reached $111,605 in the first quarter of this year, up by one-third from the previous quarter, reports ransomware incident response firm Coveware, which sees the Sodinokibi, Ryuk and Phobos malware families continuing to dominate

Ransomware Now Leaking Stolen Documents

Schneier on Security

Originally, ransomware didn't involve any data theft. Now ransomware is increasingly involving both encryption and exfiltration. Recently, the aerospace company Visser Precision was hit by the DoppelPaymer ransomware. blackmail dataloss doxing encryption ransomware

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

Krebs on Security

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned.

Blackbaud Ransomware Breach Victims, Lawsuits Pile Up

Data Breach Today

More Entities Reporting Breaches Tied to Attack; Millions Affected As the tally of reported heath data breaches related to the May ransomware attack on Blackbaud continues to climb, so do the number of lawsuits filed against the cloud-based fundraising software vendor

Ransomware Remains 'Significant' Threat, Australia Warns

Data Breach Today

'Malicious Cyber Activity' Increasing, Says Australia's Cyber Security Centre The volume of online attacks being lobbed at Australia continues to rise, with email-born attacks and particularly ransomware remaining top threats, Australia's Cyber Security Centre warns in its latest "Cyber Threat Report." It urges organizations to better prepare.

Deadly Ransomware Story Continues to Unfold

Dark Reading

A ransomware attack with fatal consequences is attracting notice and comment from around the world

Zeppelin Ransomware Floats Back Into View

Data Breach Today

Updated Trojan Downloader Helps Avoid Detection After a six-month hiatus, the Zeppelin ransomware variant returned in late August, according to Juniper Threats Labs.

No COVID-19 Respite: Ransomware Keeps Pummeling Healthcare

Data Breach Today

Cybercrime Gangs Providing 'No Abatement, Empathy or Free Decryptor,' Expert Says As the COVID-19 outbreak has intensified, so too has cybercrime, including ransomware, Interpol, the international crime-fighting agency, warns.