Tennessee State University and Southeastern Louisiana University are just the latest higher education institutions to suffer a successful ransomware attack. In other cybersecurity news, the Hospital Clinic de Barcelona was forced to temporarily shut down operations after discovering unauthorized activity on their internal systems.
Million-dollar ransom demanded from Minneapolis school district
Two weeks after suffering a ransomware attack that caused significant interruptions to the Minneapolis Public Schools (MPS) computer systems, the district has received a ransom demand for $1 million to delete or return all stolen data. Alongside the ransom demand was a video that showed proof of the Medusa ransomware group’s access to the school district's systems, which is an improved tactic of simply posting screenshots of a victim’s computer. While the investigation into this security incident is still ongoing, officials for MPS have confirmed that they will be restoring any encrypted data from internal backups and refusing to pay the demanded ransom.
Dark Angels steal 3TB of data from Brazilian engineering firm
Threat actors behind the known hacking group, Dark Angels, have recently posted 3TB of data to their leak site that was allegedly stolen during a cyberattack last autumn. The hackers claim to have exploited a server vulnerability at the Brazilian engineering conglomerate, Andrade Gutierrez, which could have allowed them access to a significant amount of extremely sensitive corporate and employee information. Officials for Andrade Gutierrez have yet to confirm the occurrence of any unauthorized activity on their systems or security incident that may have led to a data breach.
Multiple U.S. universities fall victim to ransomware attacks
Towards the end of February, both Tennessee State University and Southeastern Louisiana University experienced cyberattacks that were later confirmed to be ransomware. Both universities were forced to take their campus networks down to prevent additional damage from the attacks, and quickly issued statements to students and faculty regarding the incident and steps being taken. It is still unclear if any student or faculty information was illicitly accessed during either incident, or if campus operations have returned to normal.
160GB of Acer data up for sale
Shortly after hackers posted a trove of 160GB of internal data belonging to computer manufacturer, Acer, officials for the company confirmed it to be legitimate. According to Acer, the hackers accessed a private document server used by service technicians to perform repairs and contained significant internal documentation on the entire range of Acer products. This is just the latest security incident that Acer has suffered in recent years, though this specific attack doesn’t appear to have exposed any customer data, unlike previous network intrusions.
Ransomware shuts down Hospital Clinic de Barcelona
Over the weekend, officials for Hospital Clinic de Barcelona revealed that they had identified some unauthorized activity on their internal systems and had been forced to temporarily shut down all operations. Initial investigations are pointing towards the RansomHouse ransomware group as they typically breach corporate networks for the sole reason of exfiltrating stolen data, rather than the standard of encrypting the system and demanding a ransom. This security incident has brought to light many crucial protocols that Hospital Clinic de Barcelona had not been implementing, which allowed more internal departments to be impacted.
