Since its inception in February 2024, RansomHub has encrypted and exfiltrated data from at least 210 victims representing the water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services, commercial facilities, critical manufacturing, transportation, and communications critical infrastructure sectors. The affiliates leverage a double-extortion model by encrypting systems and exfiltrat
ransomhub (3)
In April of this year, a cyberattack on a large telecommunications company has been claimed by a ransomware gang that is gaining momentum as a cybercriminal operation. On 1 June, the RansomHub operation posted Frontier Communications to its leak site claiming to have sensitive information of more than 2 million people. The group claimed it spent more than two months attempting to extort the company but never got a response. Frontier did not respond to requests for comment but reported a cyber
As if things were not messy enough in the Change Healthcare attack, a second cybercriminal gang RansomHub is trying to exhort the company's parent, UnitedHealth Group, and have it pay another ransom for data that an affiliate of Ransomware-as-a-Service group BlackCat claims to have stolen in February 2024. Threat intelligence firm SOCRadar in a recent blog post said RansomHub is threatening to sell "to the highest bidder" 4 terabytes of "highly sensitive data" stolen in the Change Healthcare a
