Here is a listing for ransomware for the first quarter of 2021 based on January 2021, February 2021, and March 2021.
These are not all ransomware attacks however these are the largest or ones that have made headline.
Ransomware Attacks January 2021
Here are the Top 10 cyberattacks on organizations for January 2021.
- Apex Laboratory a home phlebotomy healthcare organization that performs blood work at home disclosed a cyberattack that happened earlier in 2020 after data stolen during the cyberattack showed up online. On December 31st, a notice posted revealed that they were the victim of a cyberattack that resulted in certain systems that were encrypted and inaccessible.
- Amey an infrastructure support service provider was the target by the Mount Locker ransomware cybercriminal group in December 2020 resulting in documents with government departments being posted online.
- Hackney Council is a London billing authority for tax and collection of precepts on behalf of the Mayor’s Office for Policing and Crime reported that they had been the cybercrime victim of a very sophisticated cyberattack after data leaked online in a double extortion style attack ransomware and it included personal identifiable information.
- Northern Territory Government is a membership to the Racing Commission in Australia experienced a cyberattack that forced its systems offline for 3 weeks as the cyberattack involved a third party supplier of one its cloud-based IT systems however the claim government data was not compromised during the cyberattack.
- OmniTRAX is a rail operator and logistics provider in Colorado and it experienced a ransomware cyberattack that targeted its parent company resulting in posted data on a dark web leak site however the parent company refused to pay the ransom.
- AKVA Group is a global supplier of technology to the aquaculture industry in Norway and they stated that that have been hit by a ransomware attack and ransom. Their statement claimed they were working with Norwegian authorities to limit damage.
- Dassault Falcon Jet Corp is a aircraft manufacturer in the US suffered a ransomware attack and according to the statement, the cyber criminals maintained access to company systems for roughly six months, between June 2020 and December 2020 resulted in compromised data including information belonging to employees such as personal information.
- Wentworth Golf and Country Club is an exclusive golf club in England that was forced to send an email of apology to its 4000 members after its clients list was accessed by cybercriminals resulting in their website claiming, “your personal files are encrypted!” with a Bitcoin cryptocurrency payment demand for decryption.
- City of Angers in France stated on social media networks that the city had suffered a ransomware cyberattack over the weekend in January 2020 and they targeted the information system of the city which caused the closure of certain services.
- Serco a global government outsourcer responsible for running part of the UK’s COVID-19 Test and Trace system suffered a cyber security attack. The cyber security incident involved ransomware uploaded to a dark web website resulting in a note addressed to Serco the cyber criminals claimed: “We’ve been surfing inside your network for about three weeks and copied more than 1TB of your data.”
Ransomware Attacks February 2021
Here are the Top 10 cyberattacks on organizations for February 2021.
- Companhia Paranaense de Energia (Copel) is a Brazilian state-owned energy company and they reported a cyberattack from a cybercriminal gang that stated they have stolen more than 1000 GB of sensitive data.
- Automatic Funds Transfer Services (AFTS) is a US based payment processor used by many cities and government agencies and they suffered a cyber security attack from a Cuba based gang that caused a significant disruption to their business operations with a potential data breach of stolen data being leaked on their dark web site including sensitive financial documents.
- Eletrobras is a large power utility company in Brazil and it suffered a cyber security attack that resulted in them suspending some critical systems to protect the integrity of the network once the cyberattack was discovered.
- Foxtons Group is a large British real estate company and made headlines when a ransomware attack made headlines and revealed a large quantity of personal and financial information belonging to clients was posted on the dark web including over 16,000 credit card details.
- Remax Kelowna in British Columbia is a real estate agency and it was hit by a cyberattack that listed all information on a dark web cyber leaks website. They report that the cyberattack copied some files however they were non-personal in nature.
- Ness Digital Engineering Company is an IT provider that was hit by ransomware that affected its networks in India, US, and Israel. Clients including government ministries, hospitals, and local municipalities were not compromised in the cyberattack.
- Mutuelle Nationale des Hospitaliers (MNH) is a French health insurance company and they suffered a ransomware cyberattack that resulted in a significant impact on operations resulting in an independent IT security firm to negotiate the ransom.
- Discount Car and Truck Rental is a large car rental agency and it was hit by a cybersecurity ransomware gang after it posted a notice on its dark web leak site stating they had copied 120 GB of corporate, banking, and franchise data.
- Kia Motors America reported a cyber security incident after suffering a major IT outage across the US resulting in internal website sites used by dealers, mobile apps, phones, and payment systems being down.
- TietoEVRY is a Finnish IT provider and were the victim of a cyberattack that caused issues for their services including retail, manufacturing, and service resulting in 25 clients being impacted however they stated that no critical or personal data was accessed or stolen by the cybercriminals attackers.
Ransomware Attacks March 2021
Here are the Top 10 cyberattacks on organizations for March 2021.
- Prism HR a payroll services organization with over 80,000 organizations as customers and over 2 million employees reported a cyberattack that they had suffered suspicious activity leading to immediate shut down of their servers and network.
- Flagstar a US bank and mortgage lender stated the suffered a data breach following a cyberattack with a ransom demand for payment in bitcoin or the exfiltrated data would be released to the public.
- Standley Systems is a US based Managed Service Provider (MSP) and they suffered a cyberattack by cybercriminals that stated they have obtained sensitive data including more than 1,000 social security numbers.
- Qualys is a cloud security organization that had data stolen including screenshots of stolen files including invoices, tax documents and purchase orders on a dark web data leak site as proof. The stated that the cyberattack had no operational impact but unauthorized access had be obtained to a server.
- Molson Coors is a beer maker and they stated that they suffered a cyberattack which caused significant disruption to their operations, production, and shipments. They are working with IT forensic technology firms along with legal counsel to investigate the incident and restore systems according to industry best practices.
- Acer a computer manufacturer made headlines with a $50 million ransom as cybercriminals shared some exfiltrated data on their dark web leak site as proof of the successful cyberattack including financial spreadsheets, bank balances, and bank communications.
- Sierra Wireless, a manufacturer of Internet of things (IoT) devices and they were forced to halt production after a ransomware attack when cybercriminals were able to infiltrate their network. They report the cyber security breach was limited to internal systems however client facing products had not been affected.
- CNA is a US based insurance organization and they have suffered a ransomware attack using a new variant of cryptolocker. According to cyber security professionals, over 15,000 devices were encrypted, and remote employees logged into the VPN were also affected.
- FatFace is a clothing retailer and they had to pay $2 million to the Conti gang when their data was held to ransom. They are currently facing criticism for failing to disclose the incident in a timely matter and for attempting to insist that affected customers keep the matter quiet.
- Royal Dutch Shell is an Anglo-Dutch multinational oil and gas company and they became victim ransomware after sensitive data from a file transfer service used by the oil giant leaked the stolen data online to prompt them to pay a ransom. The information included employee visa and passport information.
Does your business need help staying secure? Contact BrickHost, we Make IT Simple!