Ransomware Knocks Out Knoxville, TN
Tennessee officials have been working over the past week to secure systems
and determine if any sensitive information was stolen after a ransomware attack
was identified. Fortunately, city IT staff were able to quickly implement security
protocols and shut down critical systems before the infection could spread.
Within the day, many of the targeted city domains were redirected to new sites,
allowing city services to operate normally.
Magecart Attacks Multiple Online Retailers
scripts have been identified in recent months on multiple domains belonging to
online retailers. Following the registration of a fake domain related to
Claire’s in March, several weeks of inactivity passed before code was again spotted
on Claire’s websites being used to intercept payment card transactions. It was
finally removed from the company’s domains in the second week of June, but not
before leaving thousands of customers potentially compromised.
Maze Ransomware Infiltrates US Chipmaker
The computer systems of MaxLinear,
a U.S. computer chip maker suffered a Maze ransomware attack that forced them
to take their remaining systems offline. Officials discovered that for more
than a month there was unauthorized access resulting in the leak of over 10GB
of stolen data from an alleged trove of over 1TB of total data. MaxLinear has
since refused to pay the ransom and been in contact with affected customers.
The manufacturer does not believe future operations will be delayed.
Over 100 NHS Email Accounts Compromised
Within the last two weeks a phishing campaign hit the National
Health Service (NHS), successfully accessing over 100 internal email
accounts. The affected accounts make up an extremely small portion of total NHS
email accounts, of which there are nearly 1.4 million in total. The hacked accounts
were used to distribute a malicious spam campaign designed to steal credentials
through a fake login page.
DraftKings Announces Ransomware Attack Amidst Merger
Following the multi-way merger that resulted in the
formation of DraftKings
Inc., DraftKings revealed that one of the subsidiaries, SBTech, suffered a
ransomware attack within weeks of the merger being finalized. While it is still
not known what variant of ransomware was used in the cyberattack, officials
have determined that no information was compromised. Rather, the attack was
focused on taking their online systems down. Though SBTech was required to
create a significant emergency fund preceding the merger, the deal seems to
have been unaffected by the attack.