A US county reportedly paid $1 million to Kairos, an extortion gang that claimed to have stolen more than 2 TB of data, but the county never received independently verifiable proof that the stolen files had been deleted – just the criminals’ promise.
This means the county’s stolen files may turn up for sale on a dark web forum, and the same (or another) crime crew could again demand an extortion payment to not leak the data.
It’s also a reminder that, despite the feds urging victims not to pay cybercriminals, sometimes coughing up the ransom demand seems to be the lesser of evils.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Exxon lobbyist investigated over hack-and-leak of environmentalist emails
November 27, 2024
The FBI has been investigating a longtime Exxon Mobil consultant over the contractor’s alleged role in a hack-and-leak operation that targeted hundreds of the oil company’s biggest critics, according to three people familiar with the matter. The operation involved mercenary hackers who successfully breached the email accounts of environmental activists and others, the sources told Reuters. ...
- Ransomware attack on Blue Yonder disrupts Starbucks, Sainsbury’s, Morrisons
November 27, 2024
Starbucks has confirmed that a ransomware attack on software supplier Blue Yonder has disrupted its internal systems for managing employee schedules and tracking work hours. The incident has primarily affected Starbucks’ North American operations, including approximately 11,000 stores across the United States and Canada. Starbucks says the cyberattack has compromised its ability to track baristas’ hours ...
- 9 months after the largest healthcare breach in history, UnitedHealth subsidiary back online
November 22, 2024
Change Healthcare—a subsidiary of the global health company UnitedHealth Group — has restored its medical billing services nine months after suffering an unprecedented ransomware attack that left providers with serious cashflow problems, threatened access to care, and leaked sensitive information onto the dark web. Change Healthcare, one of the largest health payment processing companies in the ...
- Elon Musk to British MPs: I’ll summon you, actually
November 21, 2024
Elon Musk is beefing with British politicians again — and they’re not impressed. The X owner and Donald Trump ally brushed off a call from the House of Commons’ science and technology committee to answer questions on his role in riots that swept the U.K. this summer. Committee chair Chi Onwurah told POLITICO this week that ...
- US charges five in ‘Scattered Spider’ hacking scheme
November 20, 2024
U.S. prosecutors unveiled criminal charges on Wednesday against five alleged members of Scattered Spider, a loose-knit community of hackers suspected of breaking into dozens of U.S. companies to steal confidential information and cryptocurrency. Martin Estrada, the U.S. Attorney in Los Angeles, said the defendants conducted phishing attacks by sending bogus but real-looking mass text messages to ...
- Ex-South Korean defence chief, officials accused of THAAD data leak to China
November 20, 2024
A former South Korean defence minister and three other senior officials who served in the previous Moon Jae-in administration have been accused of leaking intelligence on a US-built missile system to activists and China. The state auditor alleged that Jeong Kyeong-doo, ex-national security adviser Chung Eui-yong and two high-ranking officers passed information on the Terminal High ...

