September 1, 2020: Ryuk Ransomware Attack Reported Cost Universal Health Services (UHS) an Estimated $67 Million
Universal Health Services (UHS), one of the largest healthcare services provider shut down systems at healthcare facilities around the U.S. after a cyberattack hit its networks. UHS managed to restore most affected systems and hospital operations systems during late-October. UHS said that the Ryuk ransomware attack had an estimated impact of $67 million. In October 2020, the U.S. government warned of Ryuk ransomware attacks against healthcare industry organizations including hospitals and healthcare providers.
October 22, 2020: Covid vaccine-maker Dr Reddy Laboratories hit by cyber-attack
Pharmaceutical company Dr Reddy's, which is developing a Covid-19 vaccine, stated it has been hit by a cyber-attack. Sites around the world have been affected, including those in the UK, Brazil, India, Russia and the US. The India-based company said it had isolated all of its data centre services to contain the attack. The attack came only days after the pharmaceutical company was gearing up for a phase 2/3 clinical trial of Russia’s COVID-19 vaccine, dubbed Sputnik V, after gaining the trial go-ahead from Indian regulators last week.
August 15, 2022: UK Water Utility Suffers Cyberattack
Customers have been assured there is safe drinking water after South Staffordshire PLC, the parent company of South Staffs Water and Cambridge Water in the UK, fell victim to a cyberattack Monday.
The company supplies 330 million liters of drinking water to 1.6 million customers.
“This incident has not affected our ability to supply safe water and we can confirm we are still supplying safe water to all of our Cambridge Water and South Staffs Water customers," the company said in a statement. "This is thanks to the robust systems and controls over water supply and quality we have in place at all times as well as the quick work of our teams to respond to this incident and implement the additional measures we have put in place on a precautionary basis."
August 4, 2022: NHS 111 Emergency Line Hit by Cyberattack
A cyberattack at UK company Advanced causing a software outage affected NHS 111 digital services. The attack targeted Adastra clinical patient management software. Adastra is used to refer patients for care, including ambulances being dispatched, out-of-hours appointment bookings and emergency prescriptions. Advanced has indicated the issue might not be fully resolved until next week. According to NHS England, 111 services are still available. However, the Welsh Ambulance Service has warned that 111 calls may take longer to answer. In addition, NHS England warned that GPs could see an increase in the number of patients.
Ransomware thieves are demanding £500,000 after an attack against Wooton Upper School in Bedfordshire, said press reports this week. The attack, said to be the work of the Hive ransomware group, also affected the Kimberley college for 16-19-year-olds. Both of these organizations are part of the Wootton Academy Trust.
The cyber-criminal group reportedly messaged students and parents, informing them that they had compromised the Trust’s networks several weeks ago. It stole home addresses, bank details, medical records and even students’ psychological reviews. The Hive group believes that Wooton has £500,000 in cyber insurance, according to local newspaper Bedford Today. It has threatened to release all of the data unless the Trust pays up.
SHI International has confirmed that a malware attack hit its network over the 4th July weekend. SHI is a New Jersey-based provider of Information Technology (IT) products and services.
The company said in a statement: "SHI was the target of a coordinated and professional malware attack. Measures were enacted to minimize the impact on SHI's systems and operations. We are liaising with federal bodies including the FBI and CISA and there is no evidence to suggest that customer data was exfiltrated during the attack."
June 25, 2022: Cyberattack forces Macmillan Publishers to Take Operations Offline and Close Physical Offices
Book publisher Macmillan has been hit with what it describes as a “digital security incident”, with experts believing it could be ransomware. According to emails seen by Publishers Weekly, the publisher initially said that a portion of the company’s files had become encrypted and that it had taken all of its systems offline to prevent further compromise. The company’s US sales team confirmed that it was unable to process, receive, place, or ship orders as a result of the company-wide shut down of digital systems and physical offices. The attack also impacted its U.K. branch, known as Pan Macmillan.
The company declined to answer further questions on the nature of the incident or how its systems were compromised, the use of encryption by the hackers indicates that it was ransomware. The attack has not yet been claimed by any major ransomware groups, and it remains unclear whether any sensitive data was stolen.
WSJ reported on July 6 "Macmillan Says Retailers Can Again Order Its Books After Recent Cyberattack" and doesn't anticipate having to change the publishing date of any of its books.
Wiltshire Farm Foods and its parent company, Apetito IT and computer systems have been affected by a cyberattack which is causing problems with deliveries in the short term.
The Trowbridge-based company assured customers that no credit card details have been stolen as they are not kept on its computer system. The company’s CEO Paul Freeston said: “Our Crisis Management and IT teams (assisted by specialist external partners) are working all hours to bring critical systems back into operation as soon as possible. However, we expect substantial disruption in the coming days while we address these issues."
Mr Freeston said that WFF and apetito will be unable to make many deliveries in the next few days. The companies are also unable to contact customers personally as they do not have access to their telephone numbers. The company added: “We expect local Meals On Wheels deliveries made by apetito to continue using our emergency procedures."
A ransomware attack at publicly owned rail operator Northern Trains left self-service ticketing booths offline. Customers were able to continue purchasing tickets with cell phone apps, in physical ticketing booths and on the website.
"This is the subject of an ongoing investigation with our supplier, but indications are that the ticket machine service has been subject to a ransomware cyberattack. Working with the supplier, we took swift action and the incident has only affected the servers which operate the ticket machines. Customer and payment data has not been compromised." A representative for Northern Trains referred further questions on to Flowbird Transport, which provides the ticketing system in question, telling us "it's their system that's been affected."
April 13, 2021: Cyberattack Delays Start of Classes At Portsmouth University.
Key IT systems at the University of Portsmouth continue to remain offline this week after a supposed ransomware attack, delaying the start of the new term.
A notice on the university’s homepage doesn’t explicitly name ransomware as the cause of the “cyber incident,” but the “ongoing technical disruption” it describes is a tell-tale sign of such attacks. However, The News has reported that it has seen an email from the university claiming it suffered a ransomware attack.