At a glance.
- ALPHV claims responsibility for cyberattack on Constellation Software.
- A new Akira ransomware campaign spreads.
- CACTUS, a new ransomware leveraging VPNs to infiltrate its target.
- Almost 180 organizations are still vulnerable to the Go-Anywhere MFT vulnerability.
- Russian hacktivists interfere with French Senate's website.
- Ransomware targets local governments in Texas and California.
ALPHV claims responsibility for cyberattack on Constellation Software.
Canadian software provider Constellation Software disclosed last week what they’re calling a cybersecurity incident, impacting the company’s IT infrastructure. The ALPHV ransomware gang has claimed the attack on its data leak site, Bleeping Computer reports.
IT World Canada writes that a disclosure from Constellation shared that some IT systems within the company were breached, and that there were also leaks of some personal data, “The Incident was limited to a small number of systems related to internal financial reporting and related data storage by the operating groups and businesses of Constellation,” said the company. “A limited amount of personal information of individuals was impacted by the Incident. A limited amount of data of the business partners of Constellation businesses was also impacted.”
Bleeping Computer explains that the ALPHV ransomware gang claimed the attack: they’ve added a new entry for the company to their data leak site. The gang threatens to leak more than a terabyte of data if the ransom demand is ignored. "We have been on your network for a long time and have had time to analyze your business. We have stolen more than 1 TB of your confidential data. If you ignore or refuse the deal, we will be forced to release all of your data to the public,” the gang wrote. The ALPHV gang, known also as BlackCat, is currently one of the most active ransomware operations. For more on ALPHV and Constellation, see CyberWire Pro.