Ransomware Knocks Out Knoxville, TN

Knoxville, Tennessee, officials have been working over the past week to secure systems and determine whether any sensitive information was stolen after a ransomware attack was identified. Fortunately, city IT staff were able to quickly implement security protocols and shut down critical systems before the infection could spread. Within the day, many of the targeted city domains were redirected to new sites, allowing city services to operate normally.

Magecart Attacks Multiple Online Retailers

Malicious Magecart scripts have been identified in recent months on multiple domains belonging to online retailers. Following the registration of a fake domain related to Claire’s in March, several weeks of inactivity passed before code was again spotted on Claire’s websites being used to intercept payment card transactions. It was finally removed from the company’s domains in the second week of June, but not before leaving thousands of customers potentially compromised.

Maze Ransomware Infiltrates US Chipmaker

The computer systems of MaxLinear, a U.S. computer chip maker, suffered a Maze ransomware attack that forced the company to take its remaining systems offline. Officials discovered that unauthorized access had persisted for more than a month, resulting in the leak of over 10GB of stolen data from an alleged trove of over 1TB of total data. MaxLinear has since refused to pay the ransom and has been in contact with affected customers. The manufacturer does not believe future operations will be delayed.

Over 100 NHS Email Accounts Compromised

Within the last two weeks, a phishing campaign hit the National Health Service (NHS), successfully accessing over 100 internal email accounts. The affected accounts make up an extremely small portion of NHS email accounts, of which there are nearly 1.4 million in total. The hacked accounts were used to distribute a malicious spam campaign designed to steal credentials through a fake login page.

DraftKings Announces Ransomware Attack Amidst Merger

Following the multi-way merger that resulted in the formation of DraftKings Inc., DraftKings revealed that one of the subsidiaries, SBTech, suffered a ransomware attack within weeks of the merger being finalized. While it is still not known what variant of ransomware was used in the cyberattack, officials have determined that no information was compromised. Rather, the attack was focused on taking their online systems down. Though SBTech was required to create a significant emergency fund preceding the merger, the deal seems to have been unaffected by the attack.

Connor Madsen

About the Author

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.