Tag: Ransomware Attack

Categories
Mobile Syrup

Elden Ring publisher hacked in ransomware attack

February’s Elden Ring is one of the highest-rated games of all time. (Image credit: Bandai Namco)

Notable hacker group BlackCat hit Elden Ring publisher Bandai Namco with a ransomware attack, as first reported by Kotaku.

News of the hack comes via a tweet from ‘vx-underground’ (seen below), a group that monitors malware on the internet. Bandai Namco has confirmed the hack and says that it’s still investigating the extent of the damage, including if customer info leaked.

Below is Bandai Namco’s full statement regarding the ransomware attack:

“On 3rd July, 2022, Bandai Namco Holdings Inc. confirmed that it experienced an unauthorized access by third party to the internal systems of several Group companies in Asian regions (excluding Japan),” the publisher told Eurogamer in a statement. It continued:

After we confirmed the unauthorised access, we have taken measures such as blocking access to the servers to prevent the damage from spreading. In addition, there is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers and PCs, and we are currently identifying the status about existence of leakage, scope of the damage, and investigating the cause.

We will continue to investigate the cause of this incident and will disclose the investigation results as appropriate. We will also work with external organizations to strengthen security throughout the Group and take measures to prevent recurrence.

We offer our sincerest apologies to everyone involved for any complications or concerns caused by this incident.”

BlackCat is best known for being involved in the Colonial Pipeline hack, but the group has also targeted school districts and other public institutions.

Source: @vxunderground Via: Kotaku

Categories
Mobile Syrup

Newfoundland health services overwhelmed by potential ransomware attack

Following a ransomware attack targeted the Toronto Transit Commission late last week, a new reported attack is currently disrupting healthcare services in Newfoundland.

The attack, which was detected over the weekend, has had a significant impact on the Atlantic province’s healthcare system.

“This led to progressive failure of what’s been described to me as the brain of the data center and a loss of functionality and systems across the regional health authorities,” said Health Minister John Haggie in a statement

The disruption of healthcare services was caused by a ransomware assault, according to the Canadian Broadcasting Corporation, which encrypts computer files and demands money to release them. The health authority’s systems have been disrupted in a variety of ways, including the inability to register new patients and the complete failure of its email system.

The Eastern Regional Health Authority’s chief executive officer David Diamond says that emergency treatments would continue without delay, whereas, all other appointments would be rescheduled.

Further, COVID-19 testing is being shifted away from computerized and phone appointments, and instead be done on a drop-in basis, according to Haggie. The website that delivers test results has been hampered too. Now, public health authorities will let people know if they are COVID-19 positive over the phone. It’s worth noting that the attack has had no effect on vaccination sites.

The Newfoundland and Labrador Centre for Health Information, which manages the province’s IT requirements, including electronic health records, and telecommunications operator Bell Aliant are working on the issue, according to Haggie, but there is no clear date for when things will be back to normal.

Source: Reuters

Categories
Mobile Syrup

Several TTC services are still down following ransomware attack

After being targeted by a ransomware attack on Thursday, October 28th, the Toronto Transit Commission’s (TTC) Wheel-Trans online booking site, trip-planning applications, and other communications services are still offline.

According to a statement released Saturday evening, the TTC first realized that its services are under attack on Thursday night when an IT employee discovered “unusual network activity.” According to the TTC, the attack initially had a “minimal” impact but got worse by mid-Friday.

The attack knocked out the TTC’s Vision System, which is used to communicate with vehicle operators. As of now, the TTC is using radio backup to communicate with its employees. The ‘Next Vehicle Information System’ on station screens, the TTC website, and the TTC’s internal email service are among the other services that have also been compromised.

“So if you’re trying to use one of the apps on your phone, and you’re waiting at a bus stop you will not see the next vehicle arriving or you may see something but it won’t be accurate, as well as the internal emails that are down so we have no network service,” said Stuart Green, TTC Spokesperson in a statement given to CP24.

The transit agency is working with law enforcement and cybersecurity professionals, including the City of Toronto’s IT department and Darktrace to resolve the problem and figure out what caused the assault. “As transit systems bounce back from the massive lull in ridership during the pandemic, they become an enticing target for ransomware actors,” said Darktrace’s director of strategic threat, Marcus Fowler in a statement given to MobileSyrup. ”

Anytime a ransomware attack can create a real-world impact, such as long lines or service disruption, cyber-criminals will likely demand higher ransom, with the expectation that victims will pay quickly. For the Toronto Transit Commission (TTC), thankfully, they reported no significant transit service disruption.”

Via: CP24