Bits ‘n Pieces (Trozos y Piezas)

Dominican Republic: The Instituto Agrario Dominicano (IAD) The IAD was reportedly hit by Quantum ransomware. According to local media reporting, the attack occurred on August 18. “They ask for more than 600 thousand dollars. We were affected by four physical servers and eight virtual servers; virtually all servers,” IAD Director of Technology Walixson Amaury...

A confusing data dump from Vice Society

Attacking entities that try to save lives or provide health care seems despicable to most people—and attacking a hospice? That may seem especially vile. Vice Society recently added two victims to their dedicated leak site: BSA Hospice of the Southwest and Family Medicine Centers/FMC Clinics. Both are Texas entities. But were both actually attacked...

New ‘Donut Leaks’ extortion gang linked to recent ransomware attacks

Lawrence Abrams reports: A new data extortion group named ‘Donut Leaks’ is linked to recent cyberattacks, including those on Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and multinational construction company Sando. Strangely, the data for these victims have now appeared on the data leak site for a previously unknown extortion...

ParkMobile Can’t Escape Data Breach Class Action

Kathryn M. Rattigan of Robinson + Cole has an update on litigation stemming from a breach disclosed in April 2021: The class action lawsuit will continue against ParkMobile LLC for a data breach that affected 21 million users of the parking app (Baker v. ParkMobile LLC).The ParkMobile app allows users to pay for parking...

HC3: Analyst Note: Karakurt Threat Profile

HC3: Analyst Note TLP: White Report: 202208241200 Executive Summary Karakurt ransomware group, also known as the Karakurt Team and Karakurt Lair, is a relatively new cybercrime group, with researchers reporting its first emergence in late 2021. Karakurt actors claim to steal data and then threaten to auction it off or release it to the...

Et tu, Last Pass?

Received today: Dear valued customer, We are writing to inform you that we recently detected some unusual activity within portions of the LastPass development environment. We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and...

Major Indonesia tollroad operator hacked by DESORDEN (Updated)

On August 23, DESORDEN alerted DataBreaches to another one of their attacks. This one involved the PT JASAMARGA TOLLROAD OPERATOR, Indonesia’s largest major tollway and highway operator. According to DESORDEN’s statement: This data breach involved 252 GB of data, coding and documents, across 5 of their servers. The data breach involves their users, customers,...