Two ransomware incidents are looking worse than initially anticipated.
CMA CGM had disclosed Monday that a ransomware infestation had hit its IT systems, with operations in the Asia-Pacific region most heavily affected. The container shipping giant’s early announcements about the incident tended to describe it as an inconvenience that the company was working through without undue disruption of operations. It now appears, however, that data were compromised. The company updated its disclosure yesterday, Splash 247 reports, telling customers, “We suspect a data breach and are doing everything possible to assess its potential volume and nature.”
And the ransomware attack against Blackbaud and its widely used donor-relations-management platform has made its effects felt through a widening circle of customers. Those effects are now known to be more serious than had been hoped. According to Computing, Blackbaud has determined that that attackers accessed financially sensitive information. A Form 8-K the company filed with the US Securities and Exchange Commission says “After 16 July, further forensic investigation found that for some of the notified customers, the cyber criminal may have accessed some unencrypted fields intended for bank account information, social security numbers, usernames and/or passwords.”
More is emerging on the cyberattack the US Cybersecurity and Infrastructure Security Agency (CISA) last week said a foreign actor mounted against an unnamed US Federal agency. Which agency was hit remains publicly unknown, but WIRED reports the perpetrator looks like Fancy Bear, Russia’s GRU.
A “glitch,” the BBC says, has caused Japan’s stock exchanges to suspend trading.