At the beginning of the week, the threat actors behind the BianLian ransomware group added stolen data from the Australian mining company, Northern Minerals, to their dark web leak site. Officials for the mining company have confirmed that they suffered a data breach in March, and that the stolen data contained extremely sensitive corporate and financial information and personally identifiable information for both former and current employees.
Ransomware shuts down UK school
Over the weekend, officials for the Billericay School in the UK identified an encrypting ransomware attack that impacted the IT systems and forced them to temporarily close the school. With the security incident being so recent, the investigation has not determined if any data was stolen during the attack, nor the overall extent of the system encryption. Fortunately, this incident has not affected all education-related functions, and several grade-levels have been able to resume normal classes already.
RansomHub targets Frontier Communications
Recently, the threat actors behind the RansomHub extortion group published 5GB of stolen data supposedly belonging to the telecom corporation, Frontier Communications. It is believed that the data theft occurred in April, when Frontier staff were forced to take several of their internal systems offline due to an unidentified security incident. The RansomHub post claims that they have sensitive data for over 2 million Frontier customers and have given the victim nine days to pay the demanded ransom before the data is fully leaked.
Multiple London hospitals affected by ransomware attack at Synnovis
Early this week, a memo began circulating through multiple NHS hospitals around London stating that several crucial services were being affected by an ongoing security incident at the health services provider, Synnovis. While officials for Synnovis have yet to confirm that they had fallen victim to a ransomware attack, they have published a notice to their customer support portal that reveals an IT incident at their datacenter and that all services are unavailable.
Hackers breach BBC pension scheme
Near the end of May, hackers were able to illicitly access a cloud storage device belonging to the BBC’s pension scheme and copied a significant amount of extremely sensitive data of current and former BBC employees. The resulting investigation revealed that no pension scheme systems were impacted, nor was there any sign of ransomware being deployed, though all affected employees should remain alert for any suspicious correspondence or unusual credit activity.
