Over the weekend, officials for the Vantara subsidiary of Hitachi identified some unusual activity on their network, which was later revealed to be a ransomware attack. Threat actors from the Akira ransomware group have claimed responsibility and have posted Hitachi Vantara on their leak site alongside a trove of stolen data. Company staff were forced to take several systems offline to prevent additional damage from this incident, which has caused a significant disruption in their standard operations.
Connecticut healthcare organization suffers data breach
At the beginning of April, staff for the Yale New Haven Health System (YNHHS) revealed that their network had been compromised, resulting in a data breach that exposed sensitive data for 5.5 million patients throughout Connecticut. YNHHS, which runs several hospitals in Connecticut, has stated that while no medical records were affected, a large quantity of personally identifiable information was exfiltrated. No threat actors have claimed responsibility for this incident yet, though negotiations may still be underway.
Co-operative Group retailer faces IT hack
Recently, a leaked internal message from the UK retailer Co-operative Group (Co-op) confirmed that their IT systems had been hacked, leading to a temporary shutdown of multiple services. While the investigation is ongoing, officials have confirmed that no customer information was compromised, and that many of their security protocols allowed them to remain operational during the attack. Retailers continue to be prominent targets for cyberattacks, and maintaining strong security practices is more crucial than ever.
DragonForce ransomware moves towards cartel structure
In a move to remain at the forefront of the ransomware industry, the actors behind the DragonForce ransomware group are implementing a distributed affiliate model by bringing other ransomware operators into a new cartel structure. The idea is to allow other ransomware operators to use their infrastructure and encryptor but put their own branding on it for attacks. This business model allows smaller groups to operate as a larger group, while paying 20% of ransoms to DragonForce, and not having to deal with leak sites or victim negotiations.
Data breach compromises African multinational telecom
Recently, staff for the African multinational telecommunications company, MTN Group, have confirmed that their systems had been compromised. This incident resulted in a significant data breach of customer information, though it hasn’t been revealed how many of MTN’s 290 million customers have been affected. No ransomware group has yet claimed this incident, though if they were able to exfiltrate data for all MTN customers, the possible damage would be unprecedented.