The claim states that the threat actor Kairos compromised FriendlyCare Pharmacy in Australia, encrypting systems and potentially exfiltrating customer data. A ransom demand was reportedly issued, with threats of public disclosure if payment is not received. #australia
Category: Ransom Monitor
Interlock claims to have breached the University of Warsaw’s Faculty of Management, exposing data on students, instructors, and leading professors, as well as student projects and papers, due to weak security and unreliable data storage. The breach underscores vulnerabilities in academic data management in Poland #Poland
The ransomware claim alleges that the threat actor coinbasecartel targeted The Epoch Times, an American media company, potentially encrypting systems or exfiltrating data and demanding payment. The claim frames The Epoch Times as a US-based victim with a global reach, attributing the incident to coinbasecartel. #UnitedStates
The victim entry ‘Lacoste – with’ appears ambiguous and does not correspond to a clearly identifiable entity, limiting precise attribution. The claim attributes ransomware activity to the threat actor ‘coinbasecartel’ in France, with the note [AI generated] N/A implying uncertainty. #France
A ransomware claim targets Canada Goose, a Canadian luxury apparel company, with the threat actor identified as coinbasecartel. The attackers claim to have compromised data and threaten to release sensitive information unless a ransom is paid, citing the brand’s global retail and e-commerce footprint across North America, Europe, and Asia #Canada
Chaos claims a ransomware attack against ITC Group (itc-group.com), the Germany-based ITC Construction Group founded in 1983 that specializes in residential high rises, mixed-use developments, and select commercial projects. The claim states that files were encrypted and that sensitive data could be released unless a ransom is paid.
#Germany
Chaos claims to have breached coastappliances.com in the United States and encrypted its systems, demanding a ransom. It offers refrigerators, freezers, wall ovens, washers, and electric ranges. #UnitedStates
The ransomware claim alleges that the Lynx threat actor targeted Stonehenge Co Ltd, a commercial and residential construction company based in Phra Nakhon Si Ayutthaya, Thailand, with 250–499 employees and 10–25 million in revenue. The claim provides few details on the exact impact or ransom demand. #Thailand
A ransomware claim by the threat actor Exitium targets Gastroenterology & Hepatology of CNY and Digestive Disease Center of CNY in New York, threatening to sell the full internal data if the ransom is not paid. The claim includes a data sample describing 167,303 patients, 124,761 SSNs, 49,798 individuals with sensitive diagnoses, 1,093,863 ICD-10 diagnoses, 1,547,142 medications, and 186,246 pathology specimens, with sensitive categories such as mental health, substance/alcohol use, STIs, cancer, and hepatitis C, and notes that notable individuals are included #UnitedStates
The ransomware claim alleges that Flash Charm Inc., identified as (IDERA), is connected to Idera, Inc., a US-based technology firm. It attributes the attack to the threat actor coinbasecartel and positions Flash Charm Inc as a subsidiary or affiliated entity within Idera’s broader portfolio of software brands serving enterprise IT markets. #UnitedStates
A ransomware claim states that 0APT was hacked and attributed to the threat actor krybit, taunting “Next time, don’t play with the big boys.” The message promises a fast response and serves as a warning to others not to challenge larger operators. #Unknown
The ransomware claim identifies LACROIX, a Canadian company specializing in the retail distribution of automotive parts and accessories with several locations in Quebec, as the victim. The claim attributes the attack to the threat actor lamashtu. #France
Dragonforce claims a ransomware incident against Apply Capnor, alleging encryption and potential data exfiltration targeting Capnor’s laser scanning, engineering, and 3D data management operations. The claim notes disruptions across Capnor’s service offerings for industries such as oil and gas, marine, chemical, power, pulp and paper, automotive, steel, and food, impacting design engineering, reverse engineering, and dimensional control, with effects on project timelines and safety. #Unknown
Nightspire claims a ransomware incident against D-Troy Logistics in Mexico, with internal documents and employee data compromised. The claim attributes the breach to Nightspire and highlights the exposure of internal documents and employee data in Mexico #Mexico
Akira, the threat actor, claims responsibility for a ransomware attack against La Tuilerie in France, threatening to upload 11 GB of corporate data, including employee personal data, financials, contracts, and client files. The claim states that data will be released soon if demands are not met. #France