Keytronic

keytronic ransomware

The electronic manufacturer filed a data breach disclosure report with the SEC at the start of the month. The report states, “The incident has caused disruptions, and limitation of access, to portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions, including financial and operating reporting systems.”

Keytronics hasn’t stated what data is affected yet. Ransomware group Black Basta claimed responsibility for the attack this week, saying it stole 530 GB of HR, finance, and corporate data, plus home users’ data.

Wolf Haldenstein

wolf haldenstein ransomware

The New York attorney on May 23, 2024 begain issuing an undisclosed number of data breach notifications (PDF) to people whose data was affected. The data breach occurred in December 2023 and compromised names, ID numbers, and addresses.

Ransomware group Black Basta claimed responsibility for the attack.

Malouf

The home goods retailer on May 23 began notifying (PDF) an undisclosed number of people about a data breach that lasted from September 18, 2023 to February 7, 2024. The attack left systems “encrypted an unaccessible,” according to the notificatoin.

No group has claimed responsiblity for the attack as of time of writing.

Heras UK (unconfirmed)

heras ransomware

Two ransomware groups this month claimed responsibility for attacks on the perimeter security company, which could indicate both groups exploited the same vulnerability.

LockBit added Heras to its leak site on May 29, 2024, following Medusa’s claim on May 20. Heras has not acknowledged a cyber attack as of time of writing.

LockBit claims to have stolen private financial data, customer building schemes, NDAs, salary data, external private audit reports, and other private data. Medusa demanded a $1 million ransom.

R3 education

saba university

R3 Education, the parent company of three medical universities located in the Caribbean, this week notified 7,785 students and staff about a November 2023 data breach that compromised their names, Social Security numbers, and other private information.

R3 acknowledged a ransomware attack encrypted its systems took place on November 7, 2023. No cybercriminal group has claimed responsibility for the attack as of time of writing.

For students, compromised information might include: name, Social Security number, driver’s license, passport information, medical/health information, signature, date of birth, and student identification.

For employees, the personal information might include: name, date of birth, email address, physical address, financial account information, phone number, and Social Security number.

R3 Education is the parent company of Saba University School of Medicine in the Caribbean Netherlands, Medical University of the Americas in Saint Kitts and Nevis, and St. Matthew’s University School of Medicine in the Cayman Islands.

Seattle Public Library

The library on May 28 acknowledged a ransomware attack and issued a statement: “This disruption began impacting access to staff and public computers, our online catalog and loaning system, e-books and e-audiobooks, in-building Wi-Fi, and our website.”

The library has not stated what data or how many records were affected. No group has claimed responsibility for the attack as of time of writing.

Webber International University

webber international university ransomware

Webber International University last weekend notified 5,251 people of a February 2024 data breach that compromised victims’ names, Social Security numbers, and driver’s license numbers.

Cybercriminal group RansomHub claimed responsibility for the breach, saying it stole 65 GB of data.

Webber’s notification reads, “On or around February 28, 2024, Webber became aware that an unauthorized party was claiming that certain files were copied from Webber’s network without authorization.”

Christie’s

ransomware attack Christie's auction house

Days before hosting an $840m (£670m) art auction, world-renowned Christie’s on May 27, 2024 acknowledged a third-party intrusion and theft of clients’ personal data. The outages began around May 9 and continued into the following week. Christie’s says there’s no evidece that any financial or transactional records were compromised.

Ransomware group RansomHub claimed responsibility for the attack, allegedly stealing the data of “at least 500,000 of their private clients from all over the world.” Part of the data set is said to include names, dates of birth, ID numbers, and more.

RansomHub’s post appears to suggest Christie’s entered into some kind of negotiation with the group but that it “ceased communication midway through.”

TRC Talent Solutions

TRC Staffing Services - ransomware attack

Headhunting firm on May 27 issued data breach notifications to 158,593 people following a ransomware attack in March thru April 2024. The attack was claimed by ransomware group BlackSuit.

The notification states, “On or about April 12, 2024, TRC identified suspicious activity on certain computer systems that included the encryption of certain files.”

During its investigation into the attack, TRC confirmed that employees’ data (names and Social Security Numbers) may have been affected.

Encina Wastewater Authority

encina wastewater authority ransomware

The Carlsbad, California wastewater treatment authority this month began notifying (PDF) an undisclosed number of people about a February 18, 2024 data breach that compromised names and other yet-to-be disclosed personal data.

Ransomware group BlackByte claimed responsibility for the attack.

Schuette Metals

schuette metals ransomware

The metal fabricator on May 28, 2024 notified 1,122 people about an April 2024 data breach that compromised names and Social Security numbers.

Ransomware group Cactus claimed responsibility for the attack, saying it stole 280GB of data.

Webb Landscape

webb landscape ransomware

The landscaping firm notified (PDF) an undisclosed number of people about a September 2023 data breach that compromised names and Social Security numbers.

Ransomware group Play claimed responsibility for the attack at the time, saying it stole private and personal confidential data, client and employee documents, IDs, tax documents, HR files, financial info, and more.


Want more? We track ransomware attacks every day on our global tracker.