1.) Reports are in that class 11 students studying at the Sir John Colfox Academy, Bridport, Dorset, England have lost their valuable GCSE school work due to a ransomware attack recently. Highly placed sources say that the school database was hit by the said malware when a member of staff mistakenly opened an email containing ransomware as an attachment.
Cybersecurity Insiders learned that the email was sent from China via a server operating in Germany and the school has decided to financially compensate the students for the lost work.
The cyber attack is reported to have taken place on Feb 28th, 2019 and has resulted in the loss of some valuable GCSE academic work for class 11th students who did research in product design and food preparation and nutrition.
Currently, hackers are demanding a ransom in cryptocurrency to decrypt the locked data and warned that the data will be wiped off from the database if the demanded amount doesn’t reach their crypto wallets by this weekend.
Dorset Police have started an investigation and discovered that the ransomware email was forwarded from Germany, but was 1st drafted on servers operating eastern China.
2.) Coming to the second news related to ransomware, Wolverine Solutions Group (WSG) a healthcare billing services provider based in Michigan has deeply investigated a ransomware incident which took place on its database last month and has released a media update that the breach could have affected more than 600,000 individuals.
According to the Michigan state officials, the company which offers medical billing services has complied with the HIPAA Breach Notification Rile and informed the law enforcement about the data steal in the last weekend.
And WSG admits that the clients affected by the breach include Three Rivers Health, North Ottawa Community Health System, Health Alliance Plan, McLaren Health Care, and Blue Cross Shield of Michigan.
3.) In other news, related to ransomware attack, Delaware Guidance Services for Children and Youth based in Dover has started to notify about 50K patients and guardians that their child’s data could have been compromised in ransomware related cyber incident which took place in December’19.
Authorities report that the said malware was discovered on the servers on December 25th,2019 and was seen encrypting patient records until a ransom is paid in exchange for the decryption key.
The locked up files had data such as patient name, social security number, medical data, addresses, and birth dates. DGS is said to have hired an external IT team to conduct forensic analysis on the issue and prima facie reveals that the locked data wasn’t compromised.
However, as a matter of goodwill gesture, DGS is ready to provide free credit monitoring and reporting service to all impacted patients.
4.) Fourthly, in a surprising move, Chinese government officials are alleging North Korean hackers for targeting the top officials leading the People’s Government of Yiling District with Gandcrab ransomware.
News is out that from March 11th, hackers have been targeting the websites of government departments with emails containing ransomware.
Highly placed sources say that the GandCrab ransomware is being delivered with an email containing the subject line “You must report to the police at 3 pm on March 11. And more details are enclosed in the document- which has an attachment filled with “03-11-19.rar”.
As soon as the victim’s hard disk data gets encrypted, they are being asked to download the TOR browser to make the ransom payment through digital currency.