Worldwide Ransomware attacks confirmed in July 2020

Roll-up of Ransomware attacks we have detected in July 2020

Ransomware Attack on DXC Subsidiary Knocks Out Services Downstream

A ransomware attack on a subsidiary of IT services goliath DXC has knocked customer services offline, the company admits.

Chilton County records system affected by Ransomware attack

Chilton County Commissioner Jimmie Hardee has confirmed to CBS 42 that the county’s computer records system has been compromised in a Ransomware attack Tuesday.
https://www.cbs42.com/news/local/chilton-county-records-system-affected-by-ransomware-attack/

Gang uses Ako ransomware to hit Hamilton Brown creative design firm

Cyber criminals have used the Ako ransomware to attack Windows systems at the Hamilton Brown creative design agency in the UK, and released data from the company on the dark web after a ransom note did not evoke any response.

Texas County Sheriff’s Office Suffers Ransomware Attack

Hackers claim they stole data from the Cooke County Sheriff’s Office and are threatening to publish it online if their demands are not met. Attacks of this kind are trending across the country.

NetWalker ransomware group claims attack on Fort Worth transportation agency

Another Texas-based government institution may have fallen victim to ransomware actors. According to a reliable source, the cybercriminals behind the malicious encryptor NetWalker have published online evidence of an attack on Trinity Metro, a transit agency that operates bus and commuter rail transportation services in Fort Worth and its nearby Tarrant County suburbs.

WastedLocker Ransomware Targets US Newspaper Company

The cybercriminal gang behind the WastedLocker ransomware strain recently targeted dozens of newspaper websites operated by a U.S. media company, according to the security firm.

Xerox files allegedly stolen by Maze ransomware group: reports

Maze ransomware operators claim they’ve breached Xerox’s systems and are threatening to leak massive amounts of data unless they get paid, according to media reports.

NHAI was hit by ransomware attack, suffered loss of data

NEW DELHI: Last week’s cyber attack on the mail server of the National Highways Authority of India (NHAI) has been found to be a ransomware attack that resulted in loss of all data in the server, in addition to breaches in hardware where data is stored.

Ransomware attack hits Florida orthopedic practice: 3 details

Florida Orthopaedic Institute reported a ransomware attack on its servers that impacted patient data.

22,900 MongoDB Databases Affected in Ransomware Attack

An attacker scanned for databases misconfigured to expose information and wiped the data, leaving a ransom note behind.

Incident Of The Week: Alabama Hit By 2nd Ransomware Attack In As Many Months

On the morning July 7, Alabama’s Chilton County employees notified the local IT team that their computers were running sluggish and some of the applications looked different. In an effort to shut down a suspected ransomware data breach, the county closed its doors to the public last Wednesday, July 8.
https://www.cshub.com/attacks/articles/incident-of-the-week-alabama-hit-by-2nd-ransomware-attack-in-as-many-months

Orange confirms ransomware attack exposing business customers’ data

Orange has confirmed to BleepingComputer that they suffered a ransomware attack exposing the data of twenty of their enterprise customers.

Ransomware attack halts X-FAB production in Lubbock, worldwide

LUBBOCK, Texas (KCBD) - Production at the X-FAB plant in Lubbock was halted on July 5 due to a ransomware attack on their manufacturing and IT systems.

Maze Ransomware Attacks IT Staffing Firm Collabera

Cybercriminals recently launched a Maze ransomware attack against IT staffing firm Collabera, according to The Register. Hackers used Maze to access Collabera employees’ names, addresses and other personal information and infect its systems during the cyberattack.

Cyber crims use Windows Nefilim ransomware to hit Indian firm Indoco

Cyber criminals appear to have hit the website of Indian pharmaceutical product manufacturer Indoco Remedies using the Windows Nefilim ransomware, and have released preliminary details about the raid.

Dover’s Mid-Delaware Imaging Hit By Ransomware Attack, Warns Of Possible Data Breach

Mid-Delaware Imaging (“MDI”) announced Tuesday that it has taken action after becoming aware of a ransomware event in which an unknown third party encrypted its systems. MDI is providing notice of this event to potentially impacted individuals as well as certain regulators.

Ransomware suspected in attack on Canada Defence Academy

The website and email systems of Canada’s Royal Military College in Kingston, Ontario, part of the country’s National Defence department, have been taken offline following what has been said to be a ransomware attack, a report says.

Charities hit by Blackbaud ransomware attack

At least one UK charity has had data stolen after a hacker attacked a US-based cloud computing provider.
https://www.thirdsector.co.uk/charities-hit-blackbaud-ransomware-attack/digital/article/1690319

Senior living ransomware attack affects almost 50,000 residents

A data breach at a Maryland long-term care provider potentially exposed the personal information of almost 50,000 residents to hackers.

Ransomware Attack Takes All Garmin Platforms Offline

Navigation giant Garmin was forced to take all of its systems down last Thursday after ransomware spread across its computers, encrypting files and demanding a reported $10 million fee for restoring access. The extended outage has affected not just athletes who use Garmin products to log workouts, but also the Garmin Pilot platform used to log flight plans and check weather. Even the company’s customer support system was shut down.

Sheffield Hallam University confirms data breach in global ransomware attack

A Sheffield university has confirmed it was one of more than 20 charities and educational institutions across the UK, US and Canada to have had data stolen after hackers attacked a cloud computing provider.

University of North Florida Foundation targeted by ransomware attack; donor data exposed

A Welsh university has confirmed it was one of more than 20 institutions in the UK, US and Canada that has been affected after hackers attacked a cloud computing provider.
https://stocknewspress.com/2020/07/26/university-of-north-florida-foundation-targeted-by.html

Spanish Railway Infrastructure Threatened by Ransomware

REvil is reportedly behind the attack against the Spanish railway manager ADIF and claimed to have stolen over 800 GB of data.

Ransomware attack takes out TV ratings

The overnight TV ratings continue to be unavailable for the sixth day due to a ransomware attack on Nielsen.

Maze ransomware attack exposes personal info of 1,501 Montana VA health system patients

Montana VA Health Care System recently began notifying 1,501 patients that their personal data was exposed through a ransomware attack on the Department of Veterans Affairs’ former billing and collections contractor Benefit Recovery Specialists, Great Falls Tribune reports.

English Football Club Hit With Multi-Million Dollar Ransomware Attack

The UK National Cyber Security Centre released a report on July 23 that discloses a growing trend in ransomware attacks against the sports sector. They noted a recent example in which attackers demanded that an English Football League club, or EFL, pay a multi-million dollar ransom in Bitcoin (BTC).

University Ransomware Attack: Hackers Hit SUNY Erie

Cybercriminals launch a ransomware attack against The State University of New York at Erie (SUNY Erie) & force the school to shut down some of its servers.

Blackbaud Security Breach Impacted 6 UK Universities; Ransomware Attack Worse than Prevously Thought

Data from six universities in the United Kingdom have been compromised after a global cyberattack that targeted Blackbaud, one of the largest providers for education, fundraising, and financial administration software.

Telcos in the firing line as ransomware attacks hit new highs

Telecom Argentina has become the latest to experience a ransomware attack, with perpetrators demanding the equivalent of US$7.5 million in the cryptocurrency Monero.

Netwalker Ransomware Stole Data After Targeting Lorien Health Services

Attribution link: https://latesthackingnews.com/2020/07/23/netwalker-ransomware-stole-data-after-targeting-lorien-health-services/
Maryland-based nursing home facility Lorien Health Services has disclosed a ransomware attack. The incident impacted the data of around 50 thousand individuals.
https://latesthackingnews.com/2020/07/23/netwalker-ransomware-stole-data-after-targeting-lorien-health-services/

Sydney strata management firm Strata Plus hit by Maze ransomware

The Australian strata management company Strata Plus appears to have been hit by a gang using the Maze ransomware that can wreak havoc on Windows systems.

Labour Party is latest victim of Blackbaud ransomware attack

Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour.

Suspected ransomware attack hits UNM law school

Officials at the University of New Mexico School of Law believe they have been attacked by ransomware, a malicious software that is preventing students, faculty and staff from accessing emails and shared files at the school.

California pharmaceutical firm hit by DopplePaymer ransomware

California-based Amphastar Pharmaceuticals has joined the army of companies hit by ransomware, with the firm appearing to have suffered an attack by cyber criminals who have used the DopplePaymer ransomware that attacks Windows systems.

Athens ISD pays $50K for release of data in ransomware attack

The attack targeted data stored on district servers, backup systems, and hundreds of computers. As a result, access to data has been blocked including teacher communications, student schedules, grades, and assignments.
https://www.easttexasmatters.com/news/education/athens-isd-pays-50k-for-release-of-data-in-ransomware-attack/

Iowa State Foundation confirms ransomware attack through third-party source

The Iowa State Foundation announced it had a ransomware attack through a third-party program.
https://www.kcci.com/article/iowa-state-foundation-confirms-ransomware-attack-through-third-party-source/33463838#

Ransomware Attack on Garmin Services Leaves Pilots and Users Unable to Operate

A ransomware attack hit technology company Garmin, bringing its operations to a grinding halt on July 23. The attack on Garmin services left the company unable to respond to calls, emails, and online chats from angry users, according to the company’s official statement on Twitter.

Travel company CWT avoids ransomware derailment by paying $4.5m blackmail demand

According to reports, Minnesota-based business travel company CWT is the latest victim of the latest trend in ransomware.

SEI Investments: Vendor Hit by Ransomware, Data Leaked

Fund administrator SEI Investments Co. acknowledged Monday that it suffered a data breach after one of its vendors was struck with a ransomware attack, resulting in some of its customers’ data being made public by the malicious actors.