United States


Ransomware Attack at Pierce Transit System

February 14, 2023

A ransomware “incident” hit Pierce Transit. A Pierce Transit spokesperson stated the agency “experienced a ransomware incident that temporarily disrupted some agency systems. Upon discovering the incident, our team immediately took action to contain and isolate the threat. Third party forensic experts were engaged to conduct a thorough investigation into the nature and scope of the incident, and law enforcement has been notified.” They claim that transit operations and rider safety were not impacted because of the incident.
The Pierce Transit spokesperson went on to say that an “unauthorized actor” has claimed responsibility and that the investigation into the disruption is ongoing.

read more

Data Breach at Fresh Del Monte Produce Exposed Employee Data

May 16, 2023

On May 16, 2023, Fresh Del Monte Produce, Inc. filed a notice of data breach with the Attorney General of Massachusetts after learning that confidential employee information was subject to unauthorized access following a cyberattack. According to the filing, an unauthorized user gained access to the company’s computer network. The breach exposed confidential employee information containing consumer information including names, Social Security numbers, driver’s license numbers, passport numbers, financial account information, and protected health information.

Fresh del Monte believes that no consumer data was leaked as a result of the incident. The company launched an investigation and took its systems offline in an effort to limit further access.

read more

Cyberattack at Staples Disrupts Internal Operations.

November 27, 2023

American office supply retailer Staples took some of its systems down to contain impact of a cybersecurity attack and protect customer data. Staples confirmed that it was forced to take protective action to mitigate what it described as a “cybersecurity risk.” The response measures disrupted backend processing and product delivery.

In March 2023, Staples-owned distributor Essendant also experienced a multi-day outage that prevented customers and suppliers from placing or fulfilling online orders.

read more

Two Major NY Hospitals Struggle to Recover from Lockbit Cyberattack

September 1, 2023

Two major hospitals serving thousands in upstate New York are struggling to recover from cyberattacks that were announced last week.

The two facilities, Carthage Area Hospital and Claxton-Hepburn Medical Center, serve an area with more than 200,000 people in Jefferson, Lewis and St. Lawrence Counties. For two weeks, the hospitals have been dealing with a cybersecurity incident that forced them to divert ambulances to other local hospitals and reschedule most appointments.

Richard Duvall, chief executive officer of both hospitals, said “no demand for a ransom has been made.”

read more

USA’s ASPR issues Alert as Ransomware Gang Attacks Cancer Centers.

June 16, 2023

An attack against a US cancer center in June 2023 rendered digital services unavailable, limiting the center’s patient care capabilities.The group calling itself TimisoaraHackerTeam (THT), is not widely known but it has a history of attacking medical facilities by exploiting known vulnerabilities and using a living-off-the-land approach to minimize detection.

ASPR Healthcare and Public Health Sector issued a Cybersecurity Notification and warning on June 16, 2023: “Even among hackers, there is often a code of conduct not to attack hospitals or other HPH organizations that could cause physical harm,” HHS stated. “However, in their purposeful targeting of the healthcare sector, groups like THT abstain from that moral code.”

read more

Lockbit Ransomware Attack at Office Supply Distributor Essendant

March 6, 2023

A systems outage at Essendant is preventing the placement or fulfillment of online orders, thereby impacting both the company’s customers and suppliers. Freight carriers have also been told to hold off on any pick-ups until further notice. Essendant continues to make its recovery efforts. During this time, customers will not be able to place orders or contact Essendant’s customer care. The company’s statement acknowledges a threat actor publicly claimed responsibility for the cyberattack, but the validity of these claims has not been officially confirmed yet.

Essendant stocks over 160,000 types BleepingComputer reached out to Staples and Essendant with questions but we were not provided with any additional information of items serving approximately 30,000 reseller customers. The systems outage is therefore likely to have a widespread impact on the supply chain.

read more

Bay & Bay Transport, MN Hit by Ransomware Attack a 2nd Time

December 1, 2021

Bay & Bay Transport was targeted by a ransomware gang called Conti. Wade Anderson, Bay & Bay’s chief information officer, chief technology officer and head of marketing said that ransomware only impacted some of its systems and “a small minority” of desktop computers, but that everything was shut down as a precaution. The company, he said, had measures in place to minimize the impacts and was able to return to “90% functionality” within about a day in a half, he said.

In contrast to its response to the attack in 2018, Bay & Bay refused to pay. Anderson said the company was in a better position to recover on its own instead of paying the criminals for the key to decrypt its data

read more

Operational Impact at Electronics Company Alps Alpine Group

September 10, 2023

ALPS’ North American production operations and delivery was impacted by a ransomware incident on their systems. ALP promptly shut off the network connection of servers and other devices infected and reported they “are still working to restore equipment and production functions. At present, with the exception of our production bases in Mexico, we have resumed production and delivery with alternative methods for system failures.”

North American employee data was reportedly leaked.

This follows on the heels of a separate attack on July 6, 2023, where an attack exfiltrated data on 16,000 employees.

read more

MGM Shuts Down Operations for 10 Days Across Las Vegas Properties

September 8, 2023

A major cyberattack disrupted operations of MGM Resort in Las Vegas. The cyberattack forced MGM to shut down significant portions of its internal networks, affecting various aspects of its services. Guests at MGM’s hotels and casinos, including renowned establishments like the Bellagio, Aria, and Cosmopolitan, have reported widespread disruptions.

The hackers spear phished an MGM employee through social media. MGM did not pay the ransom.

read more