Reading Time: ~ 2 min.
Ragnar locker Attacks Portuguese Energy Producer
It was recently confirmed that Energias
de Portugal (EDP), one of the largest energy producers in the world, has
fallen victim to the Ragnar Locker ransomware variant. The original attack took
place in April but was only discovered in May after nearly three weeks of being
active on their systems. After contacting affected customers, the company also
revealed it was subject to a Bitcoin ransom of roughly $10 million to ensure
the stolen data wasn’t publicly released.
Xchanging MSP Falls Victim to Ransomware
An MSP known as Xchanging,
which primarily serves the insurance industry, was hit with a ransomware attack
over the weekend that forced it to take many of its systems offline. Though the
attack was largely confined to Xchanging’s systems and only affected a small
number of customers, it is still unclear how long the infection was active
before discovery. In a statement, the company says it’s working to restore access
to customer operating environments as quickly as possible.
Fitness Firm Exposes Customer Info
Nearly 1.3 million customer files and photos were
compromised after the fitness firm V
Shred was breached, potentially affecting up to 100,000 clients. The data was
stored on an improperly configured Amazon S3 bucket that was discovered as a
part of a larger mapping project that had already located several similar leaks.
While V Shred confirmed much of the data was publicly available, it originally
denied that the dataset itself contained full names, addresses, and other
highly sensitive personal information that could be used maliciously.
Magecart Group Surpasses 570 Victim Sites
In the three years since Magecart Group 8’s initial foray onto
the card-skimming scene, it has successfully compromised over 570 e-commerce
sites around the world. More than 25 percent of the attacks targeted US domains
and stemmed from 64 unique attack domains that were able to distribute injected
legitimate domains. It’s believed the group has netted over $7 million from selling
stolen payment card information since April 2017.
Clubillion Casino App Leak Could Affect Millions
A database containing personally identifiable information on
millions of users of the casino app Clubillion
was compromised in late March. The breach was discovered and secured within five
days, though heavy traffic to the site may have enabled the compromise of hundreds
of thousands more individuals in that time. These types of apps are common targets
of cyberattacks because they hold such large quantities of sensitive data that
can be used for further attacks by leveraging the stolen data.
The post Cyber News Rundown: Ragnar Locker appeared first on Webroot Blog.