Another one Breaking the record. A year for Ransomware. When file-locking malware doesn't cause widespread disruption like downloading and long-term outages of online services. Ransomware is the cause of unprecedented data theft attacks, in some cases affecting millions of people in their lifetimes.
Governments have rarely defeated ransomware hackers in the past 12 months. Disruption of the growing LockBit gang versus Capture and take down Rado.These data theft and extortion attacks are increasing dramatically in both frequency and sophistication.
We look back at some of the most notable ransomware attacks of 2024.
January
Loan department
Mortgage and loan giant LoanDepot He said at the beginning of the year. It was hit by a cyber attack involving “data encryption” or ransomware. Attack Customers cannot access account information or submit payments.The Florida-based company was forced to “shut down certain systems.” Weeks later, LoanDepot's personal information was told. More than 16 million people They made a compromise.
Fulton County
The notorious LockBit ransomware gang claimed a January cyber attack in Fulton County, the largest county in Georgia with a population of over one million. The attack affected phone lines, It caused weeks of disruption across the county, including IT outages that affected the courts and tax systems. LockBit published data collections from a Georgia district, including “confidential documents,” but later removed the allegations from its dark web site, suggesting it had paid the hackers a ransom. But security experts say the LockBit gang paid Fulton County. LockBit assumes that most data is likely to be lost. I stole it back then. The gang's servers were seized the following month. From US and UK law enforcement
Southern water
UK utility giant Southern Water He said at the beginning of the year that he is investigating. A data theft incident weeks before Confirmed later. Ransomware hackers have stolen the personal information of over 470,000 users. The Russian-linked Black Basta ransomware group has claimed responsibility for the attack on Southern Water, which provides water and wastewater services to millions of people across the south-east of England. 2023 hack at UK outsourcing giant Capita.
February
Transform healthcare.
See you in February. One of the biggest data breaches ever of the year — and the biggest data breaches of US health and medical data so far. A health technology company owned by UnitedHealth Change Healthcare was hacked by the ALPHV ransomware gang.It claims millions of Americans' sensitive health and patient information was stolen at the time. Change Healthcare reportedly paid $22 million to ALPHV before the cartel disappeared in March. Only for the ALPHV contractor who does the hacking. A second ransom was demanded. From change
UnitedHealth admitted to being hacked in April. A data breach that affected “a large proportion of people in America”. UnitedHealth isn't until October. A population of at least 100 million has been confirmed. The number of people affected by the data breach, which includes sensitive information including medical records and health information, is expected to be higher than the exact number.
March
Omni hotels
Omni Hotels & Resorts shut down its systems in late March after hackers exposed its network, causing widespread outages at Omni's properties, including phone and Wi-Fi problems. Ho Era in April Confirmed. During the March ransomware attack, cybercriminals stole the personal information of its customers. The rich Daixin sect demanded.. according to To send informationThis gang claims to have stolen 3.5 million Omni customer records.
June
Evolve Bank
It was the target of US-based banking services giant Evolve Bank. Ransomware attack in June including Evolve's banking clients and bank-dependent fintech startups; Wise versus Mercury. The LockBit gang took credit for the attack on Evolve and posted on its dark web leak site that the gang claimed to have stolen from Evolve. Hackers steal customers' social security numbers; In July, Evolve confirmed that the personal information of at least 7.6 million people, including bank account numbers and contact information, was obtained.
Synnovision
The NHS was forced to declare a serious incident in June. Ransomware attack At Synnovis, a major pathology provider. The cyber attack has also seen the NHS launch a national appeal for “O” blood type donors, with surgeries canceled and emergency patients diverted. In the following weeks Because of the delay in matching blood to patients due to the week-long outage. The Qilin ransomware gang claimed responsibility for the attack, eventually leaking 400 gigabytes of sensitive data it allegedly stole from Synnovis. About 300 million patients We dated years ago One of the biggest ransomware attacks of the year.
July
Columbus Ohio
About 500,000 residents of Columbus, Ohio, had their personal information compromised. stole Names date of birth addresses; identification documents issued by the government; During the July ransomware attack, including Social Security numbers and their bank account details. Rhysida is a cyber criminal who took charge last year. Cyber attack wreaks havoc on British Library.In August, it claimed responsibility for the attack on Columbus, saying it stole 6.5 terabytes of data from the city.
September
Transport for London
Transport for London, the government body that oversees the British capital's public transport system, had experience. Digital outage weeks after cyber attack In September, authorities joined the corporate network, which was later claimed by the infamous Russia-linked Clop ransomware group. The incident came despite London's transit network continuing to operate without a problem. Bank data theft on approximately 5,000 customers — and forced the transit authority to manually reset the login passwords of each of its 30,000 employees.
October
Casio
Japanese electronics giant Casio was the victim of an October cyber attack. Confirmation. He told TechCrunch that the incident was ransomware. Cyber attack alleged by underground ransomware gang; Many of Casio's systems are “unusable; Product shipment may be delayed for weeks. Casio employees in the attack; Personal information belonging to contractors and business partners was stolen, including sensitive company data including billing and human resources files. Casio said the hackers also accessed “some customer information,” but did not say how much was affected.
November
Blue
November Ransomware attack on Blue YonderOne of the world's largest providers of supply chain software; Many US and UK retailers were affected. Two of the UK's biggest supermarket chains, Morrisons and Sainsbury's, have confirmed to TechCrunch that they have experienced disruption due to ransomware attacks, while US coffee giant Starbucks has also been affected, forcing store managers to manually pay staff. Although Blue Yonder has said little about the incident, including whether data was stolen. Both Clop ransomware gangs A newer Termite crew It claims 680 gigabytes of data were stolen. documents, reports; From the supply chain giant, including warranty documents and email lists.
December
NHS hospitals
Much of the NHS was disrupted by ransomware in December after a Russian-linked ransomware gang dubbed Inc Ransom. Reported. To compromise Alder Hey Children's Hospital Trust, one of Europe's largest children's hospitals. A similar breach by the Russian ransomware gang A major NHS trust in Scotland earlier this year.Alder Hey patient records and donor reports; It claims to have obtained data from several other nearby hospitals. Separately, Another NHS location not far from Alder Hey, Wirral University Teaching Hospital, was forced to declare a critical incident after falling victim to ransomware.
Artivion
December continues to be a month of targeted attacks on health care, as Artivion, a medical device company that makes heart transplant tissue, continues. Confirmed. A “cybersecurity incident” involving the “acquisition and encryption” of data read as ransomware. Artivion said it took some systems offline in response to the cyber attack.