Our local #LondonDrugs is closing down for 2 weeks. They didn't tell my Mom why - she dropped off a refill script this morning. I'm guessing it has to do with #cyberattack demanding #ransom.
It closed stores earlier in month for that reason & the cyberattack ransom problem hasn't been resolved yet.
Fred Hutchinson Cancer Center failed to reveal threats of potential swatting attacks until this site revealed the threat. Should they have disclosed it themselves?
"One-third of UK-based #CISOs have confessed to paying #ransomware groups millions of dollars in recent years in a bid to alleviate the impact of an attack, according to new research.
Analysis from security firm Trellix found four-in-ten UK CISOs have managed a ransomware attack in the last five years – and in every single case, their organization opted to pay.
#Trellix found that one-third of CISOs paid between $5 million and $15 million for a ransom demand while 13% paid between $10 and $15 million.
The minimum ransom paid by all UK businesses across a five year period stood at around $250,000, the study found."
So AlphV (aka BlackCat) is trying something different again. This time, it seems they are claiming a victim before they have even attempted to contact the victim or extort them. They post no proof of claims. They state that they are taking this approach because the victim's cyberinsurance policy does not cover extortion, and their research into the victim (Tipalti) and one of the victim's clients (Roblox) suggests that their usual approach will not work. They intend to try to extort those firms and Twitch, all individually.
They even cite an academic reference on the potential benefit of paying ransom.
This listing is not the nasty approach that we've seen in some other listings on that leak site. But we'll see what happens if or when the victims don't respond.
I've sent an inquiry to Tipalti who is probably already swamped and running around trying to figure out what happened. AlphV claims to have been in multiple systems of theirs since September 8. Whether that's true or not remains to be seen.
@PogoWasRight why would AlphV not want their attack covered by the victims insurance? My thinking would be the victim is more likely to pay if their losses were covered by insurance. This seems like a more difficult way to get a payout.