news
HACKS OF TODAY 10-11-12/06/2023
Today’s HOT includes 35 ransomware victims by the notorious LockBit 3.0, BlackBasta, Daixin, ALPHV/BlackCat, UnSafe, Rhysida, Royal, Qilin, Akira, Cl0p, 8Base, Medusa and La Piovra gangs.
The average Cyber Risk Factor is 3.6.
Read below the full list.
Disclaimer:
Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.
It shows the severity of an event: 1 = low, 5 = critical
FIIG
Victim website: | fiig.com.au |
Victim country: | Australia |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 385 GB |
Exfiltrated data type: | Internal Company Data (Employees personal data, CV’s, DL’s, ID’s, SSN’s, Financial reports, Accounting data, Loans data, Insurance, Agreements and much more); of course it include absolutely and highly confidential data. – Clients’ documentation (DL’s, ID’s, SSN’s, Financial data, Credit cards information, Loans data, Agreements and much more); – Database include projects, plans, documents cad and other commercial confidential data. |
Leaked data: | Sample as a proof of the exfiltrated data |
Ransom deadline: | 13th Jun 23 |
Cyber Risk Factor: | 5 |
COLUMBUS REGIONAL HEALTHCARE SYSTEM
Victim website: | crhealthcare.org |
Victim country: | USA |
Attacker name: | Daixin |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 70 GB |
Exfiltrated data type: | Miscellaneous documents including sensitive patients’ data |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
TAG AVIATION
Victim website: | tagaviation.com |
Victim country: | Switzerland |
Attacker name: | UnSafe |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 6,5 TB |
Exfiltrated data type: | 1.5Tb of corporate emails and over 5Tb of personal data. There is all info about all clients (passports, photos, payment data and history, DOB, phone, email, where and with who they fly). Also, they got all HR info (employers, salary, contracts, benefits, insurance, passports and many other). Hackers got all corporate data, they hacked corporate network and download everything from all departments. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
EJÉRCITO DE CHILE
Victim website: | ejercito.cl |
Victim country: | Chile |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | Auction |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Several sensitive data |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 17th Jun 23 |
Cyber Risk Factor: | 5 |
COMISIÓN NACIONAL DE VALORES
Victim website: | argentina.gob.ar |
Victim country: | Argentina |
Attacker name: | Medusa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 500,000 |
Exfiltrated data amount: | 1,5 TB |
Exfiltrated data type: | Documents and database dumps |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 5 |
PENNCREST SCHOOL DISTRICT
Victim website: | penncrest.org |
Victim country: | USA |
Attacker name: | Royal |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 164 GB |
Exfiltrated data type: | Personal information of students and employees as well as schools’ financial data are detailed |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
TACHI-S ENGINEERING USA
Victim website: | tachi-s.com |
Victim country: | USA |
Attacker name: | Royal |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 113 GB |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
DEL BONO HOTEL
Victim website: | delbonohotels.com |
Victim country: | Argentina |
Attacker name: | Qilin |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 56,61 GB |
Exfiltrated data type: | Miscellaneous documents including backups |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
COCA-COLA FEMSA
Victim website: | coca-colafemsa.com |
Victim country: | Mexico |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous data including financial, PII documents, contracts, databases etc. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ADAMS COUNTY COMMUNICATION CENTER (ADCOM911)
Victim website: | adcom911.org |
Victim country: | USA |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 40 GB |
Exfiltrated data type: | Miscellaneous documents including databases |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
CARUSO
Victim website: | caruso.com |
Victim country: | USA |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Full employee data, very detailed accounting information, contracts, confidential documents and incidents with guests. |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
NORTHEASTERN STATE UNIVERSITY
Victim website: | nsuok.edu |
Victim country: | USA |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | Auction |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including PII documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 20th Jun 23 |
Cyber Risk Factor: | 4 |
PARIS HIGH SCHOOL
Victim website: | pchs.k12.il.us |
Victim country: | USA |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | Auction |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including PII documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 20th Jun 23 |
Cyber Risk Factor: | 4 |
360 EQUIPMENT FINANCE
Victim website: | 360equipmentfinance.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous including PII documents |
Leaked data: | Several gigabytes of data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
PRECISION MEDICAL BILLING
Victim website: | precisionmedicalbilling.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 252 GB |
Exfiltrated data type: | Miscellaneous documents including Passports and Drivers’ License |
Leaked data: | Several gigabytes of data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
HCI COLLEGE
Victim website: | hci.edu |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 192,5 GB |
Exfiltrated data type: | Miscellaneous including passports |
Leaked data: | Several gigabytes of data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
AMPLA DIVISÓRIAS
Victim website: | ampladivisorias.com.br |
Victim country: | Brazil |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 85 GB |
Exfiltrated data type: | Bills and checks, Contracts, Licenses, Internal documents, cash flows, Personal data of employees (addresses\phones), Driving licenses, CPF, Employment books, Vaccination certificates, Building layout |
Leaked data: | / |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 4 |
PREMIER HOSPITAL DIA
Victim website: | premierhospitaldia.com.br |
Victim country: | Brazil |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 65,1 GB |
Exfiltrated data type: | Receipts, Accounts, Card ID with CPF, Employee dossiers, Internal documentation, Doctor – patient correspondence, Cadastral documents, Tables with CPF and personal data of clients, Workbooks, Driver’s license, Employment contracts, accounting documents |
Leaked data: | / |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 4 |
CEMAF PARTICIPACOES E ADMINISTRAÇÃO DE BENS
Victim website: | cnpj.info |
Victim country: | Brazil |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 277 GB |
Exfiltrated data type: | ID CPF, Cadastral documents, Driver’s license, Internal documents, Personal documents of employees, Passports, Contracts with customers, Receipts |
Leaked data: | / |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 4 |
DEFESA DA CLASSE TRABALHADORA (DECLATRA)
Victim website: | declatra.adv.br |
Victim country: | Brazil |
Attacker name: | LockBit 3.0 |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 100 GB |
Exfiltrated data type: | ID CPF, Driver’s license, Personal documents of clients\employees, Workbooks, Powers of attorney, Internal documents, Base with CNPJ, Database with phones and emails |
Leaked data: | / |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 4 |
GAE CONSTRUCTION
Victim website: | gae-construction.co.uk |
Victim country: | United Kingdom |
Attacker name: | Medusa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 100,000 |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous including projects |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 4 |
SILICON VALLEY MECHANICAL
Victim website: | svminc.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including employees’ information and driver licence documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
KRACK ZAPATERÍAS
Victim website: | krackonline.com |
Victim country: | Spain |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Customers’ information |
Leaked data: | / |
Ransom deadline: | 13th Jun 23 |
Cyber Risk Factor: | 3 |
UENO PERIODONTICS
Victim website: | uenodentalcenter.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
ACI ADVANCED CHEMICAL INDUSTRIES
Victim website: | aci-bd.com |
Victim country: | Bangladesh |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Corporate data |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
ELLIS PATENTS
Victim website: | ellispatents.co.uk |
Victim country: | United Kingdom |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Corporate data |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
WHITE SETTLEMENT INDEPENDENT SCHOOL DISTRICT
Victim website: | wsisd.net |
Victim country: | USA |
Attacker name: | LockBit 3.0 |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | N/A |
Ransom deadline: | 24th Jun 23 |
Cyber Risk Factor: | 3 |
RJP MEDICAL
Victim website: | robertopolizzi.com.br |
Victim country: | Brazil |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 1,3 GB |
Exfiltrated data type: | Driver’s license, Brazilian SSN (CPF ID), Personal data, Accounts, Receipts, Certificates from covid, Internal documents of the company, Personal data about patients |
Leaked data: | / |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 3 |
CLONARTE
Victim website: | clonarte.com.br |
Victim country: | Brazil |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 10,8 GB |
Exfiltrated data type: | Receipts, Financial documents, ID of the identity, Building plans, Birth certificate, Internal documents, Certificates with CPF, Schemes |
Leaked data: | / |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 3 |
SINTTEL
Victim website: | sinttelmg.org.br |
Victim country: | Brazil |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 55,6 |
Exfiltrated data type: | Internal documentation, Receipts, Handwritten documents, Driving license, Personal data, Powers of attorney, Employment contracts, CPF (more than 10 thousand) |
Leaked data: | / |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 3 |
TECHCERT
Victim website: | techcert.com.br |
Victim country: | Brazil |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 24,2 GB |
Exfiltrated data type: | CPF ID, CPF database\e-mail, Driver’s license, Employment contracts, Workbooks, Passport, Internal agreements, Receipts, Cadastral documents, Declarations, Contracts with partners |
Leaked data: | / |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 3 |
LUZBOA S.A.
Victim website: | luzboa.com.br |
Victim country: | Brazil |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 27,1 GB |
Exfiltrated data type: | Passports, Driver’s license, Various personal documents, ID with CPF, Employment contracts Receipts, Cadastral documents, Powers of attorney, Internal documents, Agreements with partners, Base with FOR, Accounting documents |
Leaked data: | / |
Ransom deadline: | 19th Jun 23 |
Cyber Risk Factor: | 3 |
GRUPPO MERCURIO
Victim website: | gruppomercurio.com |
Victim country: | Italy |
Attacker name: | LockBit 3.0 |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | N/A |
Ransom deadline: | 18th Jun 23 |
Cyber Risk Factor: | 2 |
MEGACORP ONE
Victim website: | megacorpone.com |
Victim country: | USA |
Attacker name: | La Piovra |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 2 |
TAGAVIA
Victim website: | / |
Victim country: | N/A |
Attacker name: | BlackBasta |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 1 |
Stay safe!
Hackmanac Team
Latest news
HACKS OF TODAY 11-12-13-14-15/05/2024
Today's HOT includes 94 victims by the notorious Hunters International, Rhysida, BianLIan, dAn0n, Qilin, Embargo, Everest, INC Ransom, Black Suit, Monti, Akira, RansomHub, Zero Tolerance...
Read MoreHACKS OF TODAY 09-10/05/2024
Today's HOT includes 94 victims by the notorious Hunters International, Rhysida, BianLIan, dAn0n, Qilin, Embargo, Everest, INC Ransom, Black Suit, Monti, Akira, RansomHub, Zero Tolerance...
Read MoreOPERATION CRONOS AND THE MAGNITUDE OF THE LOCKBIT REACTION: 119 PREVIOUSLY UNCLAIMED VICTIMS WORLDWIDE
In recent days, following the events involving the LockBit criminal group and law enforcement with Operation Cronos, the hacker group decided to go all in...
Read More