A ransomware attack encrypted files in Yau Yat Chuen Garden City Club’s customer management system, affecting more than 9,000 current and former members. The Privacy Commission found multiple security weaknesses and issued an enforcement notice while the club has begun remedial measures and disabled the vulnerable remote-access software. #YauYatChuenGardenCityClub #RemoteAccessSoftware
Category: Cyber Attack
Kyber is a cross-platform ransomware family that targets VMware ESXi datastores and Windows file systems with coordinated Tor-based infrastructure, campaign identifiers, and destructive anti-recovery features. The ESXi variant (C++ ELF) actually uses ChaCha8 with RSA-4096 and partial in-place encryption while the Windows variant (Rust PE) implements the advertised hybrid Kyber1024 scheme and includes elevated service termination and experimental Hyper-V shutdown. #Kyber #VMwareESXi
At-Bay’s 2026 InsurSec Report shows a 7% year-over-year rise in claim frequency and an all-time average severity of $221,000, with ransomware the costliest incident type at a $508,000 average. Remote-access entry vectors dominated ransomware claims (notably VPN compromises and SonicWall devices), Akira activity spiked sharply with rapid deployments and high demands, smaller firms absorbed growing losses, financial fraud leveraged Cloudflare-hosted links, and third-party liability claims (driven by CIPA cases) rose steeply. #Akira #SonicWall
Mile Bluff Medical Center in Mauston reported a cyberattack that encrypted data and disrupted its phone and computer systems. The hospital has activated security protocols and engaged internal and third‑party experts to investigate and restore affected services. #MileBluffMedicalCenter #PhoneAndComputerSystems
Nara Municipal Hospital suspended its emergency services and outpatient clinics following a suspected cyberattack that disrupted operations. The incident, detected on April 21 by network monitoring systems, rendered multiple IT systems including electronic medical records unusable, and authorities are working with police to trace the attack’s origin. #NaraMunicipalHospital #ElectronicMedicalRecords
Reliance Jio Infocomm Limited has allegedly been compromised, exposing sensitive internal infrastructure and an alleged real-time algorithmic trading system reportedly in operation since 2016. The leaked data reportedly includes a redis_dump.txt database file, National Stock Exchange (NSE) Futures & Options trading data, system alerts for ShortCovering, LongBuiltUp, and Resistance Levels, and…
The Qilin ransomware group claims to have breached networks at ten organizations worldwide, affecting companies in logistics, manufacturing, construction, finance, medical packaging, and a local government. The actor posted an alleged victims list on April 21, 2026, and while specific file directories are not yet published, the reportedly exfiltrated data commonly…
Silentransomgroup claims to have breached law firm Rutan & Tucker, LLP and listed the firm on its leak site, indicating a compromise of internal systems. Posted evidence on the actor’s directory index appears to include legal case files, confidential internal records, network drive mappings (net drives.png), and a directory tree (RTtree.txt)….
LayerX researchers uncovered a coordinated campaign of at least 12 browser extensions that pose as TikTok downloaders while secretly tracking users and harvesting telemetry. The operation has compromised over 130,000 users on Google Chrome and Microsoft Edge by reusing a single code family, employing long-lived trust-building tactics, and using remote configuration…
Internal monitoring detected a suspected transfer of a substantial cache of confidential commercial and financial documents affecting multiple NSW Government departments and projects. NSW Treasury reported the matter to NSW Police, who launched Strike Force Civic, which led to criminal charges. Police now believe the alleged stolen data has been located and secured, with no external compromise and no impact to government services. #NSWTreasury #StrikeForceCivic
Threat actor 888 posted a full database dump of Ledil Immobilier (ledil.immo), exposing 6,700 unique user records including names, emails, phone numbers, addresses, property and transaction details. The dataset, apparently exported from a Drupal (Search API) instance and offered as a free download on darkforums.su, greatly increases the risk of targeted…
A ransomware attack on April 16, 2026, crippled IT systems and public services at the Sprendlingen-Gensingen municipal administration. An external IT forensics team is analyzing the damage and assessing the potential extent of any data leakage. #SprendlingenGensingen #TourismusbeitragSoNicht
A ransomware attack on Thursday 16 April 2026 paralyzed the administration and public services of Sprendlingen-Gensingen. All IT systems were disconnected from the network and an external IT forensic team is analyzing the damage and investigating the potential extent of any data leak. #SprendlingenGensingen #TourismusbeitragSoNicht
Roca Asociados, a Spanish firm of lawyers and economists with offices in Barcelona, Madrid, and Andorra, has allegedly been compromised in a recent data leak. Exposed records reportedly include full names, email and physical addresses, birthdays, website URLs, account and subscription metadata, IP addresses, and mailing group information. #RocaAsociados #Barcelona…
A survey found that at least 222 Japanese companies paid ransom demands but roughly 60% still failed to recover their data. Of 1,107 respondents, 507 reported ransomware attacks, and experts warn that paying ransoms does not guarantee recovery while urging updated security and regular backups. #JapanInstituteForPromotionOfDigitalEconomyAndCommunity #Proofpoint