As we approach August, it’s time to take stock of the ransomware attacks that have plagued numerous organizations, leaving CTOs and CIOs grappling with the aftermath. The year 2023 has witnessed several high-profile incidents, exposing sensitive data and causing disruptions across various industries.
1.) Harvard Pilgrim Health Care (HPHC) faced a significant breach in April. Hackers targeted HPHC, compromising the personal information of approximately 2,550,922 patients. Social engineering tactics allowed the perpetrators to steal full names, contact details, physical addresses, insurance information, medical histories, dates of birth, and social security numbers. Alarming as it is, no ransomware gang has claimed responsibility for the data theft so far.
2.) Reddit, a prominent tech-based discussion forum, became another victim of a security breach. Unauthorized access to corporate documents, software codes, and metadata occurred, with the BlackCat Ransomware gang, also known as Alphv, claiming responsibility. The hackers demanded a hefty ransom of $4.5 million for the decryption key, after gaining access to and stealing around 80GB of sensitive data.
3.) Barts Health NHS Trust, responsible for serving 2.5 million people across the UK, experienced a leak of internal documents on the dark web. The ALPHV Ransomware gang was behind the incident, exposing 5 terabytes of data out of the total 9TB in storage. This leak poses a significant risk, particularly with identity theft on the rise.
4.) Dish Network fell victim to the BlackBasta ransomware gang between February and March, causing disruptions to services like Dish Anywhere. The company took swift action, identifying and isolating the affected systems by the end of March. Details regarding the attackers and the financial impact of the attack remain undisclosed.
5.) The Royal Mail suffered at the hands of the LockBit Ransomware gang, causing delays in international deliveries. A critical infrastructure within the organization was targeted, and recovery efforts continued until November 2023.
6.) San Francisco’s BART (Bay Area Rapid Transit) encountered a ransomware incident early in the year, leading to the exposure of sensitive files. Vice Society, the perpetrator, claimed to have stolen police reports, employee information, and other confidential documents from BART servers.
7.) Dole Food Company, a prominent online retail giant in the fruits and vegetables sector, faced a file-encrypting malware attack that disrupted its operations for days. The company managed to recover from the incident with the assistance of third-party experts, refusing to pay any ransom to the criminal gang.
8.) Yum! Brands, the owner of Taco Bell, KFC, and Pizza Hut, experienced a malware attack in January that temporarily shut down operations in almost 300 UK restaurants. In response, Yum! Brands implemented threat monitoring solutions to prevent future risks.
9.) The UK Marshals Service encountered a data leak in February, with sensitive information related to US Marshals Service being exposed online. The cybercriminals behind the attack attempted to tarnish the organization’s image after their ransom demands went unheeded.
10.) In Florida, Tallahassee Memorial Hospital faced a ransomware attack that disrupted IT services for a week. As a result, administrative staff and doctors temporarily relied on paper documents, leading to the postponement of some surgeries. However, thanks to their efficient data continuity plan, the healthcare provider handled the downtime with maturity and resilience, without paying any ransom.
These incidents serve as a stern reminder of the persistent threat posed by ransomware attacks, highlighting the importance of robust cybersecurity measures and proactive planning for organizations across the globe.
