
Fortune 50 Company Pays Record $75 Million Ransom to Dark Angels Gang


A Fortune 50 company has paid a record-breaking $75 million ransom to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. This payment is the largest publicly known ransom, surpassing the previous high of $40 million paid by insurance company CNA after an attack by Evil Corp.

Who Are the Dark Angels?

Dark Angels is a ransomware group that began operating in May 2022. Unlike many other ransomware gangs, they focus on a few high-value targets instead of attacking many smaller companies. They gain access to corporate networks, steal sensitive data, and then use this data to demand large ransoms.

The $75 million ransom was confirmed by both Zscaler ThreatLabz and crypto intelligence firm Chainalysis. The identity of the company that paid the ransom has not been disclosed, but it is known that the attack occurred in early 2024 and involved a Fortune 50 company.

One potential victim is Cencora, a pharmaceutical company ranked #10 on the Fortune 50 list, which experienced a cyberattack in February 2024. Cencora has not confirmed whether it paid the ransom, and no ransomware gang had previously claimed responsibility for the attack.

Dark Angels' Methods

Dark Angels typically breach networks and move laterally to gain administrative access. They steal data from servers and use it to pressure companies into paying ransoms. Initially, they used Windows and VMware ESXi encryptors based on Babuk ransomware's leaked source code. They later switched to a Linux encryptor similar to the one used by Ragnar Locker, a gang disrupted by law enforcement in 2023.

In an attack on Johnson Controls, Dark Angels claimed to have stolen 27 TB of data and demanded $51 million. The gang runs a data leak site, 'Dunghill Leaks,' where they threaten to publish stolen data if ransoms are not paid.

The Big Game Hunting Strategy

Zscaler ThreatLabz explains that Dark Angels uses a "Big Game Hunting" approach, targeting a few large companies rather than many smaller ones. This strategy aims for massive payouts from high-value targets.

"The Dark Angels group attacks one large company at a time," said Zscaler ThreatLabz researchers. This approach contrasts with other ransomware gangs that target multiple victims indiscriminately and outsource much of the attack process.

The $75 million ransom payment highlights the growing threat of sophisticated ransomware attacks. Companies must strengthen their cybersecurity measures, train employees, and have rapid response plans to combat these threats. As ransomware gangs become more targeted and strategic, robust cybersecurity becomes increasingly critical.

The massive ransom paid to Dark Angels sets a new record and signals an escalating threat. Businesses must stay vigilant and proactive to protect themselves from these highly targeted and costly cyberattacks.


US Drug Distributor Cencora Reveals Major Cyberattack, Sensitive Medical Data Breached

US drug distributor Cencora has disclosed a recent cyberattack on healthcare services, revealing a significant breach that compromised highly sensitive medical data.

According to Reuters, the company notified affected individuals, stating that personal and highly sensitive medical information was stolen during the cyberattack earlier this year. The incident dates back to February when Cencora initially reported a cybersecurity incident, raising concerns about data theft from its information systems.

While the company assured there is no evidence of the compromised information being publicly disclosed or misused for fraudulent purposes, it has taken proactive measures to address the situation. Cencora is working diligently to ensure affected individuals have access to resources to safeguard their information. This includes notifying those involved in the breach and providing support to protect their data.

In addition to Cencora, other healthcare entities have also been targeted by cyberattacks this month. Ascension Health, a nonprofit health system based in St. Louis, recently disclosed a cyberattack that disrupted its clinical operations. The organization quickly engaged cybersecurity experts to investigate the incident and mitigate its impact on patient care delivery.

Similarly, MedStar Health, a health network provider, confirmed a major data breach involving unauthorized access to patient data. Reports indicate that the MedStar Health breach potentially exposed information from 183,709 patients, including names, insurance details, and addresses. Despite a forensic examination finding no misuse, patients were advised to monitor their statements for any irregularities.

Last week, Prudential Financial also suffered a cyberattack, discovering that hackers compromised its systems one day earlier. The investigation into the data theft incident is currently ongoing. Additionally, the Los Angeles County Department of Mental Health reported a data breach, exposing sensitive patient information due to an employee falling victim to a phishing email. The compromised data includes names, dates of birth, addresses, phone numbers, Social Security numbers, and medical record numbers. To address the breach, the department enlisted a forensic firm to conduct a thorough assessment. Efforts are underway to notify affected individuals, with a focus on reaching all impacted clients despite challenges posed by incomplete addresses.

During a Senate hearing, UnitedHealth's CEO Andrew Witty confirmed the payment of a $22 million ransom to the hacker group BlackCat. The ransom was paid following a hacking incident in February targeting the subsidiary Change Healthcare. CBS News reports that providers face daily losses estimated at $100 million due to ongoing disruptions, according to First Health Advisory, a digital health risk assurance firm.