CloudNordic, a Denmark-based cloud service provider, has issued a public statement confirming the unfortunate incident of a ransomware attack that led to the complete deletion of customer data from its servers. Despite their efforts, the company found itself unable to prevent the removal of the stored information, which had initially been encrypted on August 18, 2023.
The company is diligently working on the process of restoring the lost data using backup solutions. However, the prospects of successful data recovery appear to be extremely slim, as the ransomware attack had also infiltrated the primary and secondary backup servers. Coinciding with this attack, another Danish firm named AzeroCloud fell victim to the same ransomware group. Yet, specific details regarding the extent of damage inflicted upon AzeroCloud remain undisclosed at this time.
In a separate incident, the University of Minnesota disclosed that unauthorized access to its servers took place on July 21, 2023. Disturbingly, reports indicate that the hackers behind this breach managed to acquire sensitive data associated with over 7 million social security numbers, data that had been amassed since the 1980s.
In a distinct development, a recently identified ransomware faction named Akira has embarked on a new campaign that involves the encryption of targets utilizing Cisco VPN products. Having gained notoriety for their involvement in the encryption of VMware ESXi virtual machines back in March 2023, the Akira Ransomware group has escalated their activities to now encompass Cisco VPNs. The modus operandi entails the deployment of backdoor mechanisms into various corporate networks. The full extent of the impact remains under ongoing investigation and is expected to be unveiled shortly.
Furthermore, Singing River Health System has fallen prey to a ransomware attack. Although an official confirmation is still pending, the healthcare service provider has reported suspicious external access to its computer network, potentially indicating an intrusion by a ransomware-type malware. The incident is currently being probed by the hospital’s IT personnel, who have assured the public that more comprehensive details will be disclosed in the upcoming week.
Amid these cyber threats, St. Helens Council, one of England’s oldest counties, has been thrust into the spotlight due to a suspected ransomware attack. Preliminary assessments indicate that the attack had a limited impact on certain internal systems of the council, with the website services continuing to operate normally.
In response to the evolving threat landscape, the council has taken proactive measures by establishing a dedicated sub-domain on its website. This sub-domain serves as a valuable resource to educate individuals about the dangers of falling victim to phishing attacks. For more information, interested individuals can visit www dot sthelens dot gov dot uk/watchoutforscams.
