What Happened
The International Joint Commission, a cross-border water commission that manages water rights along the US-Canada border, has confirmed that it experienced a cybersecurity incident after ransomware group NoEscape claimed to have stolen 80GB of data from the organization. The ransomware group gave the organization ten days to respond to its ransom demand, or it may make the swiped info public.
Impact
The stolen data allegedly included contracts and legal documents, personal details belonging to employees and members, financial and insurance information, geological files, and “much other confidential and sensitive information.” If the commission does not respond to the ransom demand, the cyber-criminals have threatened to publish all data.
Who is NoEscape?
NoEscape is a relatively new ransomware-as-a-service operation that takes a double-extortion approach. They steal files before locking them up and demand a ransom to release the data. If victims don’t pay the ransom, NoEscape threatens to leak the information, as well as withhold the decryption keys.
The group is believed to be a rebrand of Avaddon, another ransomware crew that shut down and released its decryption keys in 2021.
- What We Have Learned from MOVEit Attacks
- FCC Bans AI-generated Voice Scam Robocalls
- Verizon’s Insider Data Breach Impact 63000+ Employees
- Ukrainian Energy Sector Attacked by Russian Hackers
- [CVSS 9+] Microsoft April 24 Patch Tuesday Highlights
- BlackCat Claims Cyberattacks on Prudential Financial, LoanDepot