Victim website:

cvcheart.com

Victim country:

USA

Attacker name:

Qilin

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

206 GB

Exfiltrated data type:

Personal data of clients and employees

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

5

Victim website:

lbaproperties.com

Victim country:

USA

Attacker name:

ALPHV/BlackCat

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

200 GB

Exfiltrated data type:

Personal data were stolen from there, including: students data (contracts, SSN, IDs, contacts, payments, etc), employees data (contracts, SSN, IDs, contacts, payments, etc), insurance, quarterly reports, security reports, financial data (payments, transfers, etc)

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

Victim website:

centurylabel.com

Victim country:

USA

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Clients’ information including a DB (addresses, phone numbers, passports/ssns scans etc), confidential documents, contracts projects

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

Victim website:

mgbwlaw.com

Victim country:

Canada

Attacker name:

LockBit 3.0

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Passports, credit cards, client data, finance data, insurances, payroll, driver licenses, etc.

Leaked data:

/

Ransom deadline:

26^th Oct 23

Cyber Risk Factor:

4

Victim website:

ambic.co.uk

Victim country:

United Kingdom

Attacker name:

LockBit 3.0

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Account data, audit, bank, confidential agreements, insurances, passports, etc.

Leaked data:

/

Ransom deadline:

26^th Oct 23

Cyber Risk Factor:

4

Victim website:

victorvilleca.gov

Victim country:

USA

Attacker name:

NoEscape

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

200 GB

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

27^th Oct 23

Cyber Risk Factor:

4

Victim website:

martinsonservices.com

Victim country:

USA

Attacker name:

LockBit 3.0

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Confident agreements, passports, driver licenses, legal data, etc.

Leaked data:

/

Ransom deadline:

26^th Oct 23

Cyber Risk Factor:

4

Victim website:

camico.com

Victim country:

USA

Attacker name:

LockBit 3.0

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Administration data, insurances, finance private info, client data, human resources, etc.

Leaked data:

/

Ransom deadline:

26^th Oct 23

Cyber Risk Factor:

4

Victim website:

ashleyfurniture.com

Victim country:

USA

Attacker name:

Lorenz

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

85.7

Exfiltrated data type:

N/A

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

Victim website:

broadriverretail.com

Victim country:

USA

Attacker name:

Lorenz

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

85.7

Exfiltrated data type:

N/A

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

Victim website:

linkmicrotek.com

Victim country:

United Kingdom

Attacker name:

LockBit 3.0

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

26^th Oct 23

Cyber Risk Factor:

3

Victim website:

fern-plastics.co.uk

Victim country:

United Kingdom

Attacker name:

LockBit 3.0

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

26^th Oct 23

Cyber Risk Factor:

3

Victim website:

floristssupply.com

Victim country:

Canada

Attacker name:

NoEscape

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

20 GB

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

27^th Oct 23

Cyber Risk Factor:

3

Victim website:

excon.cl

Victim country:

Chile

Attacker name:

LockBit 3.0

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

26^th Oct 23

Cyber Risk Factor:

3

Victim website:

icschool-uae.com

Victim country:

UAE

Attacker name:

NoEscape

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

15 GB

Exfiltrated data type:

Children’s passports, ID cards, photo, Final Report Card, Letters to parents, statement of account, student statement, account statement, report, Receipt voucher, online Payment Receipt, invoice, tax invoice, and other critical and confidential data.

Leaked data:

/

Ransom deadline:

02^nd Oct 23

Cyber Risk Factor:

5

Victim website:

newconcepttech.com

Victim country:

USA

Attacker name:

Cuba

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Financial documents, correspondence with bank employees, account movements, balance sheets, tax documents, compensation, and source code

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

5

Victim website:

3deng.com

Victim country:

USA

Attacker name:

ALPHV/BlackCat

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

2 TB

Exfiltrated data type:

Custom code, schematics, personally identifiable information (PII), financials, contracts, non-disclosure agreements (NDAs), and databases

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

5

Victim website:

pittsburgca.gov

Victim country:

USA

Attacker name:

ALPHV/BlackCat

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

1.09 TB

Exfiltrated data type:

Personal data

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

Victim website:

ada.k12.mn.us

Victim country:

USA

Attacker name:

Ransomware Blog (unnamed)

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$ 35,000

Exfiltrated data amount:

N/A

Exfiltrated data type:

Employee information, student information, all contracts

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

Victim website:

wellons.org

Victim country:

USA

Attacker name:

Ransomware Blog (unnamed)

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$ 55,000

Exfiltrated data amount:

15 GB

Exfiltrated data type:

Employee information, agreement, customer email (.xls), PST files, all outlook messages from 2006-2023

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

Victim website:

ncsa.ca

Victim country:

Canada

Attacker name:

Medusa

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$ 200,000

Exfiltrated data amount:

N/A

Exfiltrated data type:

Agreements, confidential documents, employees’ information, etc.

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

04^th Nov 23

Cyber Risk Factor:

4

Victim website:

beaverlakecreenation.ca

Victim country:

Canada

Attacker name:

Medusa

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$ 150,000

Exfiltrated data amount:

N/A

Exfiltrated data type:

Miscellaneous documents

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

03^rd Nov 23

Cyber Risk Factor:

4

Victim website:

ehpad.fr

Victim country:

France

Attacker name:

Medusa

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$ 100,000

Exfiltrated data amount:

N/A

Exfiltrated data type:

Miscellaneous including financial documents

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

03^rd Nov 23

Cyber Risk Factor:

4

Victim website:

safpro.co.uk

Victim country:

United Kingdom

Attacker name:

Medusa

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$ 100,000

Exfiltrated data amount:

N/A

Exfiltrated data type:

Miscellaneous documents

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

Victim website:

bmw-ducati.com

Victim country:

USA

Attacker name:

NoEscape

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

4 GB

Exfiltrated data type:

Including agreements, contracts, sales invoices, payroll information, personal data of clients and employees (such as social security numbers), certificates of title, backup data, marketing materials, banking information, and other confidential documents

Leaked data:

/

Ransom deadline:

02^nd Nov 23

Cyber Risk Factor:

4

Victim website:

ucb.edu.pr

Victim country:

Puerto Rico

Attacker name:

NoEscape

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

19 GB

Exfiltrated data type:

Contracts, ID cards, driver’s licenses, convalidations, confidential documents, certificates, claims, finance and banking information, payments, invoices, budget details, and personal data of employees and students

Leaked data:

/

Ransom deadline:

02^nd Nov 23

Cyber Risk Factor:

4

Victim website:

misterminit.eu

Victim country:

Belgium

Attacker name:

NoEscape

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

48 GB

Exfiltrated data type:

Finance, contracts, sales, invoices, personal data of clients, and other critical documents

Leaked data:

/

Ransom deadline:

31^st Oct 23

Cyber Risk Factor:

4

Victim website:

suddekorllc.com

Victim country:

USA

Attacker name:

8Base

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Invoice, receipts, accounting documents, personal data, certificates, employment contracts, a huge amount of confidential information, confidentiality agreements, personal files

Leaked data:

/

Ransom deadline:

31^st Oct 23

Cyber Risk Factor:

4

Victim website:

plasticsurgerymd.net

Victim country:

USA

Attacker name:

8Base

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Personal documents, personal photos of clients, the database, is a huge amount of personal data

Leaked data:

/

Ransom deadline:

31^st Oct 23

Cyber Risk Factor:

4

Victim website:

grupocobra.com

Victim country:

Spain

Attacker name:

LockBit 3.0

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

07^th Nov 23

Cyber Risk Factor:

4

Victim website:

portage.k12.in.us

Victim country:

USA

Attacker name:

ALPHV/BlackCat

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

400 GB

Exfiltrated data type:

Personal data were stolen from there, including: students data (contracts, SSN, IDs, contacts, payments, etc), employees data (contracts, SSN, IDs, contacts, payments, etc), insurance, quarterly reports, security reports, financial data (payments, transfers, etc)

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4