Worldwide Ransomware attacks confirmed in February 2020

Roll-up of Ransomware attacks we have detected in February 2020

US Gas Pipeline Shut After Ransomware Attack

A US natural gas facility was forced to shut down operations for two days after becoming infected with commodity ransomware, the Department of Homeland Security (DHS) has revealed.

Maze Ransomware Hits Law Firms and French Giant Bouygues

Cyber-criminals behind the Maze ransomware attacks have claimed several more scalps over the past few days, including five law firms and a French industrial giant, all of which are thought to have had sensitive internal data stolen.

Ransomware attack leaves council facing huge bill to restore services

IT servers have been disabled for past three weeks, affecting website and phone lines

1 in 6 Massachusetts Communities Hit by ‘Ransomware’ Attacks

Many towns recovered their files from backups, but at least 10 handed over taxpayer money to hackers to unlock their data, records obtained by the NBC10 Boston Investigators show.

New Jersey Hospital Network Faces Lawsuit Over Ransomware Attack

A proposed class-action lawsuit has been filed against New Jersey’s largest hospital health network over a ransomware attack that happened in December.

Jordan Health hit by ransomware attack, shuts down computer network

A ransomware attack has prompted Jordan Health to shut down its computer networks, a spokesperson said Thursday morning.
https://www.democratandchronicle.com/story/news/2020/02/27/jordan-health-hit-ransomware-attack-shuts-down-computer-network-rochester-canandaigua-ny/4891715002/

City of Racine’s computer systems infected by ransomware

The City of Racine’s computer systems were infected by ransomware starting Friday morning, Jan. 31, and remained a problem until Sunday afternoon.
https://fox6now.com/2020/02/03/city-of-racines-computer-systems-infected-by-ransomware/

Ransomware cripples Havre Public Schools computer system

(Havre Herald) The Havre Public Schools superintendent learned via a phone call early Tuesday that ransomeware had hacked and “crippled” the school district’s computer system.

Ryuk ransomware used to attack Volusia library computers

Volusia County officials have turned over information for criminal investigation and public records indicate the cyber attacks that took down library computers used Ryuk ransomware.
https://www.news-journalonline.com/news/20200206/ryuk-ransomware-used-to-attack-volusia-library-computers

Niagara University email servers attacked by ransomware

Niagara University’s email servers have been attacked by ransomware, according to school officials.

DoppelPaymer Ransomware Sells Victims’ Data on Darknet if Not Paid

The DoppelPaymer Ransomware is the latest family threatening to sell or publish a victim’s stolen files if they do not pay a ransom demand.

Warning to law firms: a ransomware group is stealing data and posting it online

Five law firms have been hit by a notorious ransomware group known as Maze – three within the last 72 hours alone. It is highly likely Maze will target more law firms in the days and weeks ahead. While only U.S. firms have so been hit, firms in other countries are equally at risk.

New Ransomware Strain Halts Toll Group Deliveries

Australian transportation and logistics company Toll Group stated today that systems across multiple sites and business units were encrypted affected by a ransomware called the Mailto ransomware.

Mailto (NetWalker) Ransomware Targets Enterprise Networks

With the high ransom prices and big payouts of enterprise-targeting ransomware, we now have another ransomware known as Mailto or Netwalker that is compromising enterprise networks and encrypting all of the Windows devices connected to it.

ITI Technical College latest victim of ransomware attacks

A ransomware attack has “hampered but not paralyzed” operations at ITI Technical College in Baton Rouge, the vice president of the college, Mark Worthy, said Monday.

School’s out as ransomware attack downs IT systems at Scotland’s Dundee and Angus College

A further education college in east Scotland has been struck by what its principal described as a cyber “bomb” in an apparent ransomware attack so bad that students have been told to stay away and reset passwords en masse.

North Miami Beach Police Department Hit With Ransomware Attack

The North Miami Beach Police Department was hit with a ransomware attack and is now being told to pay millions to regain access to information it stored online.

Texas attack: Garrison, Nacogdoches schools hit with ransomware

A school district and city in the same geographically area in Texas were each hit with ransomware this week with the city of Garrison making a quick recovery, however, the Nacogdoches Independent School District (NISD) is still struggling.

Redcar cyber-attack: Council using pen and paper

More than 135,000 UK residents have been without online public services for nearly a week, as their council struggles with a cyber-attack.

Croatia’s largest petrol station chain impacted by cyber-attack

A security incident described as “a cyber-attack” has crippled some business operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain.

Facilities firm ISS World crippled by ransomware attack

An apparent ransomware attack has compromised some IT and email systems at Danish facilities firm ISS World

IN: South Adams Schools hit with ransomware cyber-attack

The South Adams Schools district is dealing with a ransomware cyber-attack that took place overnight. Administrators informed staff Thursday morning according to a press release posted on the district website.
https://www.databreaches.net/in-south-adams-schools-hit-with-ransomware-cyber-attack/

Gadsden school district hit by ransomware for the second time in a year

Seven months after a ransomware attack disabled its email systems, the Gadsden Independent School District is suffering another bout with the virus after its systems were taken down Monday.
https://www.lcsun-news.com/story/news/local/2020/02/25/gadsden-independent-school-district-hit-ransomware-second-time-year-ryuk-virus/4870455002/

Ransomware attack responsible for La Salle County technology issues

La Salle County officials said Wednesday a ransomware demand was responsible for its ongoing technology issues.

Australian wool sales stopped by ransomware attack

Wool sales across Australia have been halted after Talman, a major software supplier to the industry, was hit by a ransomware attack that encrypted its production databases.

The Investigators: Collierville ransomware attack cost over $100,000; town now considering legal action

The simple task of opening an email could end with hackers holding your digital life hostage. That is what happened to the Town of Collierville last summer.

City of Wayne falls victim to ransomware cyber attack

The city of Wayne revealed earlier this week that it had been hit by a ransomware attack.

Ransomware attack infects Grayson County computers

Grayson County was dealing with a new cyber security threat on Monday.

Ransomware attacks on New Orleans, other Louisiana entities, part of growing trend

Last week’s cyberattack on Louisiana ITI College in Baton Rouge — which followed similar attacks in New Orleans and elsewhere in the state — suggests that hackers have no intention of leaving Louisiana alone.

$200,000: University of Maastricht Pays Hackers a 30 Bitcoin Ransom

The University of Maastricht has revealed it paid hackers a ransom of 30 bitcoin, worth over $200,000 at the time, for the hackers to lift a ransomware attack blocking its systems.

Dharma Ransomware Attacks Italy in New Spam Campaign

Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy.

US Railroad Contractor Reports Data Breach After Ransomware Attack

RailWorks Corporation, one of North America’s leading railroad track and transit system providers, disclosed a ransomware attack that led to the exposure of personally identifiable information of current and former employees, their beneficiaries and dependents, as well as that of independent contractors.

Sodinokibi Ransomware Posts Alleged Data of Kenneth Cole Fashion Giant

The operators behind Sodinokibi Ransomware published download links to files containing what they claim is financial and work documents, as well as customers’ personal data stolen from giant U.S. fashion house Kenneth Cole Productions.

DoppelPaymer Hacked Bretagne Télécom Using the Citrix ADC Flaw

Cloud services provider Bretagne Télécom was hacked by the threat actors behind the DoppelPaymer Ransomware using an exploit that targeted servers unpatched against the CVE-2019-19781 vulnerability.

Cyberattack on NRC Health sparks privacy concerns about private patient records stored by US hospitals

NRC Health, a publicly-traded company that says it works with 75 percent of the 200 largest U.S. hospital chains, was hit with a cyberattack on Feb. 11, a spokesperson confirmed to CNBC. The attack sparked concerns about the security of patient health information stored on NRC Health’s servers.
https://www.cnbc.com/2020/02/20/nrc-health-cyberattack-sparks-privacy-concerns-about-patient-records-in-us.html

Records reveal City of Cartersville paid ransomware attackers $380K

On May 6, 2019, the City of Cartersville alerted residents that the local government had fallen prey to a ransomware attack. Yet since then, details on the size, scope and severity of the cybersecurity breach have remained scarce.