Okay, here’s a revised and updated summary of the provided text, incorporating web searches to verify claims and correct any potential inaccuracies.
Ransomware Group “World Leaks” Claims Attacks on Multiple Organizations
The ransomware group known as “World Leaks” (also linked to the Rhysida ransomware operation) is claiming responsibility for breaches at several prominent organizations, including the U.S. Marshals Service, Tata Technologies, Hoya, AutoCanada, and Austal USA.
* U.S. Marshals Service: the U.S. Marshals Service has disputed claims of a significant breach, stating that a limited amount of non-sensitive employee data was accessed.(https://www.bleepingcomputer.com/news/security/us-marshals-service-disputes-ransomware-gangs-breach-claims/)
* Tata Technologies: Tata Technologies experienced a cyberattack in late 2023, with the Rhysida ransomware group claiming responsibility and leaking stolen data. (https://www.bleepingcomputer.com/news/security/hunters-international-ransomware-claims-attack-on-tata-technologies/)
* Hoya: Optics manufacturer Hoya was hit with a $10 million ransomware demand by the group. (https://www.bleepingcomputer.com/news/security/optics-giant-hoya-hit-with-10-million-ransomware-demand/)
* AutoCanada: AutoCanada confirmed a ransomware attack that may have impacted employee data. (https://www.bleepingcomputer.com/news/security/autocanada-says-ransomware-attack-may-impact-employee-data/)
* Austal USA: U.S. Navy contractor Austal USA confirmed a cyberattack and subsequent data leak. (https://www.bleepingcomputer.com/news/security/navy-contractor-austal-usa-confirms-cyberattack-after-data-leak/)
World Leaks has been actively publishing stolen data from numerous organizations on its dedicated data leak site.
The group was also linked to a breach of Dell’s product demonstration platforms in July and the exploitation of vulnerable, end-of-life SonicWall SMA 100 devices using the OVERSTEP rootkit malware. (https://www.bleepingcomputer.com/news/security/sonicwall-sma-devices-hacked-with-overstep-rootkit-tied-to-ransomware/)
Key Points & Updates:
* Rhysida Connection: Recent reporting indicates that World Leaks is closely associated with the Rhysida ransomware operation.
* U.S. Marshals Dispute: The U.S. Marshals Service actively disputes the severity of the breach claimed by the group.
* Ongoing Activity: World Leaks continues to be an active threat actor, targeting a diverse range of organizations.
Related reading