Security news aggregator

Latest coverage for RansomHub

RansomHub is a ransomware operation covered through reported incidents, technical analysis, disruption efforts, and defensive guidance.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

RansomHub is the name used for a ransomware operation and associated malware in cybersecurity reporting. The tag covers reported intrusions and extortion claims, malware and infrastructure analysis, possible disruption or law-enforcement activity, and defensive guidance. Because ransomware names can be applied inconsistently to related tools or campaigns, readers should verify technical indicators and source reporting before treating an incident as attributable to RansomHub.

For defenders, relevant work includes monitoring threat-intelligence reporting for validated hashes, domains, behaviors, and intrusion evidence; rapidly patching exposed systems where a confirmed vulnerability is involved; and preserving endpoint, identity, network, and cloud logs for investigation. If encryption or unauthorized access is suspected, isolate affected systems without destroying evidence, revoke potentially exposed credentials, assess whether data was accessed rather than relying on an extortion claim, and recover from tested offline or otherwise protected backups. Confirmed data exposure may also require privacy, contractual, or regulatory assessment.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view
Bank Info Security 11 months, 3 weeks ago

Another Medical Practice Closes Its Doors After Cyberattack

Alpha Wellness Says 'Devastating' Incident Forced Closure of Georgia-Based CenterAnother small medical care provider has shut its doors forever as the result of a recent "devastating" cyberattack. Georgia-based Alpha Wellness & Alpha Medical Centre has permanently pulled the plug on its operations following a data theft attack by cybercriminal gang RansomHub.

Bank Info Security 1 year, 3 months ago

Fake Out: Babuk2 Ransomware Group Claims Bogus Victims

What Do You Mean, Hospital-Targeting Sociopath Ransomware Wielders Continue to Lie?A ransomware group reusing the Babuk ransomware brand claims to have stolen data from the likes of Amazon, Delta and US Bank. Just one problem: Security experts found a startling overlap between its claimed victims and previous attacks scored by the likes of Clop, LockBit and RansomHub.

Bank Info Security 1 year, 4 months ago

Ransomware Attacks Appear to Keep Surging

RansomHub, Play, Akira and Clop Among the Groups Claiming the Most VictimsRansomware operations have collectively claimed what amounts to a surge in new victims. Researchers trace much of this activity to RansomHub, Play and Akira, as well as Clop, which continues to drip-feed details about its attack on users of Cleo Communications' managed file-transfer software.

Bank Info Security 1 year, 5 months ago

Nursing Home, Rehab Chain Says Hack Affects Nearly 70,000

RansomHub Theft Hit Patients of 2 Dozen HCF Facilities and Home Healthcare UnitA chain of more than two dozen skilled nursing and rehabilitation facilities is notifying tens of thousands of patients whose information was compromised in a hacking incident last fall. Russian-speaking cybercriminal gang RansomHub claims to have published 250 gbytes of data stolen in the heist.

Bank Info Security 1 year, 6 months ago

Ransomware Leak Sites Suggest Attacks Reached Record High

RansomHub, Play and Akira Appear to Dominate; Numerous Newcomers Join the FrayWhile ransomware groups' data-leak sites regularly lie, if taken at face value, in December 2024 they collectively listed the largest number of victims ever seen in a one-month period, dominated by RansomHub, Play and Akira operations, plus a bevy of newcomers, researchers report.

Also: German Prosecutors Charge Three Alleged Russian SaboteursThis week, MetLife denied a RansomHub cyberattack claim, RI Health System cyberattack update, npm package deployed Quasar RAT, Germany charges three with espionage for Russia, North Korea’s contagious interview campaign deployed new malware.

Bank Info Security 1 year, 10 months ago

NoName Apparently Allies With RansomHub Operation

NoName Specializes in Long-Tail ExploitsUp-and-coming online criminal extortion group RansomHub appears to have a new affiliate - NoName, a midtier actor whose main claim to fame so far has been impersonating the LockBit ransomware-as-a-service operation. NoName is known for exploiting years-old vulnerabilities.

Bank Info Security 1 year, 10 months ago

RansomHub Claims Theft of Montana Planned Parenthood Data

Experts Say Orgs That Handle Highly Sensitive Health Info Are Targets of AttacksPlanned Parenthood of Montana, which provides patients with reproductive healthcare services including birth control and abortion, is responding to a hack and a threat by cybercriminal group RansomHub to leak 93 gigabytes of data allegedly stolen from the organization.

Bank Info Security 1 year, 10 months ago

RansomHub Hits Powered by Ex-Affiliates of LockBit, BlackCat

Feds Count Over 200 Known US Victims of Ransomware Group That Launched in FebruaryBeware a surge in attacks tied to a ransomware group called RansomHub that's recruited affiliates from down-or-out operations LockBit and BlackCat and successfully crypto-locked systems at more than 200 organizations nationwide, including critical infrastructure, the U.S. government warned.

Bank Info Security 1 year, 10 months ago

Florida Department of Health Informs RansomHub Hack Victims

Cybercriminal Group Claims to Have Published 100 Gigabytes of Agency's Stolen DataTwo months after RansomHub claimed to have published 100GBs of its stolen data on the dark web, the Florida Department of Health is notifying citizens that their sensitive information has been compromised. The attack affected the vital statistics system used to issue birth and death certificates.

Bank Info Security 1 year, 10 months ago

Florida-Based Drug Testing Lab Says 300,000 Affected in Hack

Cybercriminal Gang RansomHub Claims It Leaked 700 Gigabytes of Lab's Stolen DataFlorida drug testing medical laboratory American Clinical Solutions told federal regulators that 300,000 individuals are caught up in a hacking incident now that criminal gang RansomHub has published 700 gigabytes worth of data stolen from the lab's network.

Bank Info Security 2 years, 1 month ago

Breach Roundup: Google AI Blunders Go Viral

Also: Okta Alert on Credential Stuffing; Data Breaches in SpainThis week, Google AI search provided wrong answers, Internet Archive suffered DDos attack, Okta warned of credential stuffing, Canada shut down two tech firms, attackers delivered malware with Stack Overflow, Telefónica is probing breach, Iberdrola was breached and RansomHub said it hit Christie's.

Bank Info Security 2 years, 3 months ago

A Second Gang Shakes Down UnitedHealth Group for Ransom

RansomHub Claims It Has 4TBs of Data Stolen by BlackCat in Change Healthcare AttackA second cybercriminal gang - RansomHub - is trying to shake down Change Healthcare's parent company, UnitedHealth Group, and have it pay another ransom for data that an affiliate of ransomware-as-a-service group BlackCat claims to have stolen in February. Is this the latest ruse in a messy attack?