Update on ransomware attacks on NHS, AMD and CDK Global

1.) Recently, the Qilin ransomware group, believed to originate from Russia, targeted three hospitals and a network, severely disrupting emergency services for patients. The attack, which occurred on June 4, 2024, via Synnovis Software, has led the gang to demand a ransom of $50 million. They have claimed responsibility and threatened to leak stolen data on the dark web within 7-8 days unless the ransom is paid.

In the UK, the NHS reported significant digital disruptions, resulting in the cancellation and postponement of critical medical procedures, including cancer treatments and kidney transplants. Over 814 procedures were affected across the network.

2.) In North America, CDK Global, a major software supplier to car dealerships, experienced a ransomware attack on its servers. While the incident disrupted operations, recovery measures have been implemented, and most services have been restored. Law enforcement is investigating, and CDK Global plans to issue a formal statement after further assessment.

The good part of the incident is that it was contained with recovery measures, and most of the services were restored. The name of the ransomware perpetrators has been withheld because law enforcement is still investigating the incident, after which CDK, which supplies technology to about 15k dealerships across the United States, is said to issue a formal statement.

3.) Meanwhile, AMD, a prominent silicon chip maker, is investigating a cyber attack linked to a ransomware group. Hackers have reportedly leaked sensitive data, including details about future products. Additionally, IntelBroker claimed to have breached AMD’s network, selling compromised employee credentials and sensitive information on a data forum.

Screenshots of the compromised data include product roadmaps, specification sheets, employee details, ROM details, property files, source code, firmware information, and financial records covering employee salaries, along with employee IDs, first and last names, designations, and business contact details such as phone numbers and email IDs.

Interestingly, around the same time in 2022, the processor maker said it was investigating the alleged theft of 450GB of data by a hacking group named RansomHouse, but later found the allegations to be false.

4.) Next is news related to Accenture, a tech service provider that is currently probing a data breach that might have impacted over 30,000 employees working for the IT company. A threat actor is claiming to have infiltrated the corporate network to siphon a portion of data that includes information related to over 742,000 employees working worldwide. More details are awaited!

These incidents highlight ongoing cybersecurity challenges faced by industries worldwide, underscoring the need for robust defenses and swift responses to cyber threats.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security