Genesis claims to have compromised Stockton Cardiology Medical Group, a US provider of cardiology services, and exfiltrated patient data. The claim indicates ransomware involvement and that sensitive information could be exposed unless a ransom is paid. #UnitedStates
Category: Ransom Monitor
Genesis’s ransomware claim alleges that the Community Health Action of Staten Island, part of Sun River Health, was compromised and its networks encrypted, potentially exposing patient data and disrupting operations. As a US-based nonprofit, the incident underscores the vulnerability of healthcare organizations to extortion campaigns by Genesis and similar actors. #UnitedStates
A ransomware claim reports a data breach at an air transportation company, with IFL Group in the US identified as the victim and the threat actor Anubis named. The claim describes data exfiltration and impact attributed to Anubis. #UnitedStates
Nightspire claims ransomware activity against Wilson Workflow Solutions in the United States. Data related to the incident is not available at this time. #UnitedStates
Rhysida claims a ransomware incident against the Cheyenne and Arapaho Tribes in the United States, threatening data exfiltration and operational disruption. The Cheyenne and Arapaho Tribes are a federally recognized united nation of the Tsistsistas and Hinono’ei, with a historic alliance dating back to the early 19th century. #UnitedStates
A ransomware claim alleges that Saiful Bouquet in the United States was targeted by threat actor qilin. There are no additional details available about the incident. #UnitedStates
Midwest Wheel, based in the United States, is the victim of a ransomware claim attributed to the threat actor qilin. The claim describes encryption of files and ransom demands tied to the US-based victim. #UnitedStates
A ransomware claim attributed to the threat actor payload targets sodic.com in Egypt. SODIC is a leading real estate development company with over 28 years of operations in West Cairo, East Cairo, and the North Coast. #Egypt
A ransomware claim alleges that SilentRansomGroup attacked Marshall & Stevens and Valuescope in the United States, potentially compromising data and disrupting operations. Marshall & Stevens, established in 1932, is described as having pioneered new concepts to provide realistic solutions. #UnitedStates
The ransomware claim alleges that the spacebears threat actor targeted Kymco (Kwang Yang Motor Co., Ltd.), a Taiwanese manufacturer of motorcycles, scooters, and EVs, and exfiltrated extensive sensitive data. Exposed materials reportedly include patent and innovation data, financial data, customer and partner data, 3D development models, schematics, and test results, with the impact centered in Taiwan. #Taiwan
The ransomware claim states that spacebears targeted Wagner Metal Concept (WMC-Metal) in Germany. The attackers allegedly accessed and exfiltrated sensitive data including Supplier and Partner Contracts, Production and Technical Drawings, Financial Data, Customer Data and Orders, and Management Data. #Germany
Incransom claims to have breached Far Bank Enterprises (Fly Water Travel), exfiltrating approximately 100GB of data including confidential documents, client data, NDAs, financial data, operations, and business agreements. The threat actor asserts that the breach affects Far Bank’s brands Sage, Redington, RIO, and Fly Water Travel, exposing financial databases, all transactions, clients, development data, and other sensitive information. #UnitedStates
Hiwassee Builders Supply reports a ransomware incident attributed to incransom, claiming that 100GB of exfiltrated data includes confidential documents, client data, NDAs, financial data, operations data, corporate data, business agreements, development data, and financial databases. The actor threatens public release of the data or further pressure unless the ransom is paid. #UnitedStates
A ransomware claim circulating from the group WorldLeaks alleges that Modoc Medical Center, a healthcare provider in Alturas, California, was compromised and its systems encrypted. The claim, described as AI-generated, also suggests ransom demands and potential exfiltration of sensitive data. #UnitedStates
An AI-generated ransomware claim implicates the Thames Valley Chamber of Commerce in the United Kingdom, attributing the attack to threat actor worldleaks. The claim describes a compromise of systems and potential data exposure affecting the chamber’s operations and services. #UnitedKingdom