Anubis claims a ransomware data breach affecting L. S. King and Associates via www.cpageorgia.com. The dataset is small, but the consequences could be significant. #Georgia
Category: Ransom Monitor
The ransomware claim targets the Instituto de Previsión Social (IPS), Paraguay’s social security agency, attributed to the Kairos threat actor. IPS was established by Decree-Law No. 17071 on February 18, 1943, during the government of Higinio Morínigo. #Paraguay
Paass Logistik, a Cologne-based transportation and logistics company in Germany, reports a ransomware incident attributed to the threat actor ‘akira’, with threats to release 26GB of its corporate data. The threatened data includes employee records (passports and DLs), detailed financials, clients’ files, contracts and agreements (including those with DHL and others), and NDAs. #Germany
The incransom ransomware claim states that csi-ri.com in the United States was compromised and its data encrypted. The claim attributes the attack to the threat actor ‘incransom’ and identifies the United States as the impacted country. #UnitedStates
Akira, a threat actor, claims to have breached netCOMPONENTS, a US-based market leader in sourcing services for the global electronics components industry, and threatens imminent data uploads. The alleged data dump includes detailed employee records (passports, DLs, a bit of medical files), clients’ files, financials, and NDAs, signaling a broad exfiltration and ransom demand. #UnitedStates
ShinyHunters claim that CFGI Management (cfgi.com) in the United States has had over 800,000 records containing PII and other internal corporate data compromised. They assert the company failed to reach an agreement despite all offers and accuse CFGI of not caring about clients or investors. #UnitedStates
Anubis has claimed a ransomware breach at A J Taylor Electrical in the United Kingdom, exposing drawings, tenders, and other data related to the healthcare and education sectors. The incident represents data exfiltration from an electrical installation company involving healthcare and education sector documents. #UnitedKingdom
Handala Hack claims to have released a ransomware-backed data dump in response to what it calls the ongoing brutal crimes of the occupying regime, describing the move as an unprecedented blow to Tel Aviv’s security apparatus. The leak purportedly includes the complete details of 50 senior Israeli Air Force officers allegedly involved in bombing civilians. #Israel
Threat actor Handala claims full access to Jerusalem’s security cameras, asserting control over the city’s surveillance network. The message claims that for years Jerusalem’s urban and security cameras have been nothing more than Handala’s playthings, tirelessly recording every movement. #Israel
This AI-generated ransomware claim states that First Priority Group, a US-based manufacturer and service provider of emergency and specialty vehicles, was targeted by the threat actor Everest. Headquartered in New Jersey and serving customers across the USA since 1998, First Priority Group designs ambulance remounts, emergency vehicle parts and services, and command centers for law enforcement and public safety. #UnitedStates
Nightspire claims a ransomware incident targeting the Taylor County Property Appraiser’s Office in the United States. Data is not available now. #UnitedStates
The ransomware claim from Crypto24 asserts that Invaccs Software Technologies Pvt Ltd in India has been victimized, with critical systems encrypted and data exfiltration threatened in exchange for a ransom. The threat actor’s note suggests potential disruption to Invaccs’ IT services in India and its digital transformation initiatives, potentially impacting blockchain, AI, IoT, and software development operations. #India
Incransom claims to have breached Estra Automotive, a Poland-based international supplier that develops and manufactures thermal management components and systems for vehicles. The attackers report data exfiltration and system encryption, threatening to publish sensitive design and manufacturing information unless a ransom is paid. #Poland
Interlock claims it compromised Wagon Mound Public Schools in the United States, exposing 80 GB of data including staff and student information, phone numbers, residence addresses, passport numbers, and the school’s blueprints. The claim frames this as a ransomware data breach, highlighting serious security gaps in how the district handles sensitive materials. #UnitedStates
A ransomware claim alleges that the threat actor thegentlemen targeted eDevice in France, citing information from edevice.com and its ZoomInfo profile at zoominfo.com/c/edevice-sa/12403021. The claim describes eDevice as serving over 650,000 connected patients globally and as a provider of connected care platform solutions for healthcare, with partnerships involving Medtronic, Honeywell, and Philips. #France