United States

June 21, 2022: Attempted Cyberattacks at Nuclear Research Laboratories in US in Summer ’22.

A Russian hacking team known as Cold River targeted three nuclear research laboratories in the United States this past summer, according to internet records reviewed by Reuters and five cyber security experts.
Between August and September Cold River targeted the Brookhaven (BNL), Argonne (ANL) and Lawrence Livermore National Laboratories (LLNL), according to internet records that showed the hackers creating fake login pages for each institution and emailing nuclear scientists in a bid to make them reveal their passwords.

Reuters was unable to determine why the labs were targeted or if any attempted intrusion was successful. A BNL spokesperson declined to comment. LLNL did not respond to a request for comment. An ANL spokesperson referred questions to the U.S. Department of Energy, which declined to comment.

January 6, 2023: Vice Society Claims it Stole Leaked Data from San Francisco’s Bay Area Rapid Transit – BART

Vice Society, a prolific ransomware group, leaked data it claims to have stolen from San Francisco’s Bay Area Rapid Transit. BART's spokesperson Alicia Trost: "We are investigating the data that has been posted." "To be clear, no BART services or internal business systems have been impacted. As with other government agencies, we are taking all necessary precautions to respond." Trost did not say whether ransomware was involved nor when the incident occurred.

Transit sector remains highly vulnerable. “They have the worst security by far generally. It’s run on tax money and it’s run as a bureaucracy, and their mission is to deliver transit,” which means they often don’t spend enough on cybersecurity or properly assess the risk, according to Chester Wisniewski, principal research scientist at Sophos.

March 15, 2022: Wabtec Discloses Data Breach Took Place less than a Year Ago

U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach, that exposed a wide variety of personal and sensitive information, in a statement on December 30 2022. Wabtec says hackers breached their network and installed malware on specific systems as early as March 15, 2022.

News outlets reported the "possible ransomware attack" in June '22, Wabtec did not comment at that time.

March 28, 2018: Boeing Hit by Wannacry

Boeing looks like it may be the latest victim of the WannaCry ransomware.
The company, however, said it detected only what it calls “limited malware intrusion” impacting a “small number of systems.”
The ransomware first hit Boeing Wednesday and Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, sent out a memo to warn the infection could even affect airplane software.
“It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down,” VanderWel was quoted as saying in The Seattle Times.

December 8, 2022: Disney Toy Maker Extorted by Two Ransomware Gangs

BlackCat ransomware cartel claims to have obtained Jakks Pacific data. Two weeks ago, Hive ransomware posted Jakks Pacific on their leak site. Threat actors first hacked the maker of Super Mario, Sonic, Disney Princess, and other toys in early December.

“On December 8, 2022, JAKKS experienced a ransomware attack by inserted malware into JAKKS’ computer network which locked up our servers,” the company said in a statement.
At the time, Jakks Pacific believed that threat actors accessed personal information such as names, emails, home addresses, taxpayer ID numbers, and ‘banking information.’ The company said individuals and businesses were affected by the leak pointing to the attack impacting many customers.

December 1, 2022: Hackers Demand $60M Ransom from Intrado Telecommunications

The Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado on Tuesday.

While Intrado is yet to share any information regarding this incident, sources have told BleepingComputer early this month that the attack started on December 1 and the initial ransom demand was $60 million. The Royal Ransomware group, made up of experienced threat actors and operating without affiliates, has reportedly stolen some data from Intrado's systems and is now threatening to publish it on their data leak site unless the company pays the ransom. The attackers claim to have obtained internal documents, passports, and employee driver's licenses from compromised Intrado devices.

Although the ransomware gang has not yet leaked any of the files allegedly exfiltrated from Intrado's network, they did share a 52.8 MB archive containing scans of passports, business documents, and driver's licenses as proof of the breach.

Intrado has not yet responded to multiple requests for comment from BleepingComputer via email and voicemail.

October 1, 2022: Louisiana Hospital Disclosed Hackers Accessed Systems

Hackers accessed the personal data of nearly 270,000 patients in an attempted ransomware attack on Lake Charles Memorial Health System. LCMH thwarted the hackers’ attempt to encrypt its computers and prevented any disruption to patient care, according to spokesperson Allison Livingston. The health care provider’s own security team detected the hack.

August 11, 2020: Thyssenkrupp System Engineering Group Target of Ransomware Attack

In August 2020, Mount Locker ransomware gang targeted Engineering and Technology giant ThyssenKrupp in what appears to be a data breach. Threat actors gained access to critical HR information and documentation regarding the company’s present and past employees through the ThyssenKrupp Materials group of firms in the United States and Canada.

Mount Locker ransomware operators advertise what seems to be 30 MB of data related to ThyssenKrupp System Engineering group.

December 28, 2020: Netwalker Ransomware Group Behind Thyssenkrupp Attack in North America

ThyssenKrupp Materials group of companies based in U.S. and Canada were a victim of a ransomware cyberattack. The attack lead to encryption of its servers and employee workstations. On December 28, 2020, were breached by the NetWalker ransomware group.

January 15, 2020: Marriott Data Hack Compromised 5.2M Guest Records

Marriott International announced that approximately 5.2 million guests could be affected by a recent data breach. Upon discovery, the company disabled the compromised login credentials, immediately began an investigation, implemented heightened monitoring, and arranged resources to inform and assist guests. Marriott also notified relevant authorities and is supporting their investigations.

Pin It on Pinterest

Scroll to Top
Scroll to Top