Ransomware: Accident insurance, pharma companies in the USA and others affected
Ransomware affects statutory accident insurance, pharmaceutical companies in the USA and other countries. The water supply in Kansas City is also affected.
(Image: WhataWin/Shutterstock.com)
A server of the online campus of the Verwaltungs-Berufsgenossenschaft (VBG) has been attacked by ransomware, according to the accident insurance provider. As a result, unknown persons gained access to the systems. The online campus is a digital service for seminar participants in the areas of occupational health and safety. A data leak cannot yet be ruled out. The supervisory authorities, the Federal Social Security Office and the Federal Commissioner for Data Protection and Information Security, Prof. Louisa-Specht Riemenschneider, were informed immediately, according to a letter sent to those affected.
No data on insurance claims
After becoming aware of the attack, VBG said it had shut down the affected servers and disconnected them from the network. The ability to work was not restricted and data on insurance claims was not affected.
According to VBG, the first and last name, e-mail address, telephone number, name of the employer and address of the seminar participants may have been leaked. The VBG has informed people whose e-mail addresses were stored in the system – according to a spokesperson, around 200,000 e-mail addresses may have been stolen.
Risk of successful phishing attacks
As with similar incidents, – there is an increased risk of phishing. The VBG recommends that those affected handle emails with care and take a critical look at unknown senders. In addition, user accounts that use the e-mail address in question should be monitored closely and access data changed if necessary.
Pharmaceutical companies are a popular target
New ransomware groups continue to emerge alongside the familiar ones. The previously unknown group "Valencia Ransomware" now lists several companies on its leak site – including the Californian city of Pleasanton, a Spanish fashion giant, an Indian paper manufacturer and two pharmaceutical companies. This was reported by "The Register", among others.
Pharmaceutical companies are a popular target for cyber criminals. Just recently, Bloomberg reported that the US company Cencora had paid a record sum totaling 75 million US dollars in Bitcoin to the "Dark Angels" group. The largest IT service provider for the US healthcare sector, Change Healthcare, had already paid several ransoms to the ransomware group AlphV following a cyberattack.
Waterworks in Arkansas City affected
Another case in the USA concerns the Arkansas City water treatment plant, as reported by the city. The authorities were informed immediately after the cyberattack on the plant, whereupon the city took precautionary measures to ensure the safety of the plant. Despite the incident, residents can rest assured that the water supply will remain safe and uninterrupted, according to the city. As a precaution, the water treatment plant has been switched to manual operation. The city has full control. Cybersecurity experts and authorities are working to return the plant to normal operation.
(mack)