UK car dealer Pendragon Group faces a hefty $60 million ransom following an attack from the LockBit group. An investigation after the attack found that only 5% of the impacted database was leaked. In other cybersecurity news, Microsoft warned the education sector to brace for continued cyberattacks.
Indian power company has data leaked after ransomware attack
Following a Hive ransomware attack earlier this month, the Indian power company Tata Power has confirmed that the data stolen during the attack has been posted to a leak site. It is believed that the attack began on October 3rd, but Tata Power staff didn’t report any unusual activity for 11 more days, though it may impact a significant amount of sensitive employee data. The Hive ransomware group have been extremely active since their origination in Mid-2021, and their affiliates are known to attack upwards of three different companies every day.
Ticketing agent suffers multi-year data breach
Officials for the international ticket provider, See Tickets, have revealed that their internal systems were compromised at the beginning of 2021 but the investigation into the breach took nearly 2 years to determine that customer information had been leaked. The breach impacted all payment card information for users who purchased tickets on the site from June of 2019 to January of 2022, though the actual actor behind the attack has still not been verified.
Researchers track prevalent PoS malware campaigns
Recently, researchers have been monitoring the progress of two Point-of-Sale (PoS) malware campaigns that have been in use for many years but are seeing a rise in activity from both MajikPOS and Treasure Hunter. While the source code for both campaigns has been available for many years, the actors behind them remain a mystery, and with over 167,000 compromised payment cards between them, these campaigns have an estimated value of $3.34 million.
LockBit demands $60 million ransom from Pendragon Group
After a cyberattack by the LockBit ransomware group, which left the internal systems of UK car dealer Pendragon Group encrypted, the company has refused to pay the demanded $60 million ransom. In the month of investigation since the attack occurred, it has been revealed that only 5% of the impacted database was leaked and has not affected the daily operations of the 200+ dealerships that Pendragon owns.
Microsoft warns of continued attacks on education
A recent report by security researchers at Microsoft has put an emphasis on the continued cyberattacks that are being waged against educational sectors across the globe by the Vice Society ransomware group. The group alternates between a variety of different ransomware payloads and has been known to simply exfiltrate data from a victim system without encryption, for financial extortion purposes. Cyberattacks that target educational institutions have been steadily increasing over the past few years, as they tend to rely on outdated hardware to run legacy software, and often are not able to install patches against new malware campaigns and attack vectors.
