In August 2024, the cybersecurity landscape faced a surge in cyber threats, highlighting the growing risks that organizations must contend with. Cyber attacks, data breaches, and ransomware incidents continued to escalate, impacting businesses of all sizes and industries. As cybercriminals become more sophisticated, the stakes have never been higher. This month witnessed numerous high-profile breaches, each underscoring the critical need for robust cybersecurity measures. Whether it was a targeted ransomware attack crippling operations or a data breach exposing sensitive information, the events of August 2024 serve as a stark reminder of the evolving and relentless nature of cyber threats.
The Grand Palais in France, Acadian Ambulance Services, the Security Service of Ukraine, Halliburton, AutoCanada, ADT Alarm, US National Public Data, POLADA, and Kootenai Health are some of the companies mentioned.
What ties these organizations together? Not much, save for the fact that in August 2024, they were all the victims of cybercrime.
This is a list of ransomware attacks, cyberattacks, and data breaches that occurred in August 2024. Everyone is vulnerable to the fury of malevolent threat actors on the internet, as evidenced by the wide range of organizations that were breached this month.
Is there a way to combat this major worldwide crisis? Even though no one can completely shield you against cyberattacks, there are plenty of things you can do to stop an attack from destroying your company. The first and most crucial action you can take right now to lessen the impact of any cybersecurity disaster is cyber incident planning and response.
Ransomware Attacks: August 2024
Date | Victim | Summary | Threat Actor | Business Impact | Source Link |
---|---|---|---|---|---|
August 01, 2024 | Acadian Ambulance Services | Leaked protected health information after a cyber attack. | Daixin Ransomware | Ransom demand of $7M, rejected offer of $173K, claimed theft of 11M data records. | Acadian Ambulance Services ransomware attack |
August 02, 2024 | Sable International | Hackers emailed customers after a damaging cyber attack. | BianLian Ransomware | Forced shutdown of servers, website, and portals; exposure of sensitive customer information. | Sable International ransomware attack |
August 04, 2024 | Keytronic | Reported losses of over $17M due to a May ransomware attack. | Black Basta Ransomware | Disruptions at Mexico and U.S. sites impacted business applications. | Keytronic ransomware attack |
August 04, 2024 | OneBlood | Southern blood center recovering from a ransomware attack. | Russian cybercrime | Disruptions in critical software systems, impacting daily operations. | Healthcaredive.com |
August 05, 2024 | France’s Grand Palais | Disclosed a cyber attack during Olympic games. | Unknown | System shutdown to prevent spread, disrupting operations at numerous museums. | France’s Grand Palais ransomware attack |
August 06, 2024 | Sumter County Sheriff’s Office | Hacking group demands 7 BTC after a ransomware attack. | Rhysida Ransomware | Exfiltrated data, including passports and SSNs, demanded approx. $425K. | Sumter County Sheriff’s Office ransomware attack |
August 07, 2024 | McLaren Health Care | Michigan hospital system struggles with a cyber attack. | INC ransomware | Outages affecting phone systems and computers. | McLaren Health Care ransomware attack |
August 08, 2024 | The city of Killeen | Killeen hit by ransomware attack affecting government systems. | BlackSuit Ransomware | Disruptions in city government emails, court systems, and financial monitoring advised for residents. | kdhnews.com |
August 08, 2024 | City of Columbus | Stolen Columbus data leaked by ransomware group. | Rhysida Ransomware | Over 3TB of data leaked on the dark web after failed auctions. | nbc4i.com |
August 12, 2024 | Evolution Mining | Announced ransomware attack impacting IT systems. | Unknown | Informed investors about the attack, details on impact pending. | Evolution ransomware attack |
August 12, 2024 | Schlatter Group | Swiss manufacturer investigating ransomware attack. | Unknown | IT network shutdown, email access lost, and potential data theft under investigation. | Schlatter Group ransomware attack |
August 12, 2024 | Kootenai Health | Ransomware attack stole data of 464,000 patients. | 3AM Ransomware | 22GB of patient data leaked, freely available for further criminal use. | Ransomware attack on Kootenai Health |
August 19, 2024 | CannonDesign | Confirmed AvosLocker ransomware attack compromising client data. | AvosLocker ransomware | Compromise of data belonging to 13,000 clients. | SCMagazine |
August 23, 2024 | American Radio Relay League | Confirmed $1M ransom payment after a May ransomware attack. | Embargo Ransomware | Paid to restore systems, impacted systems taken offline to contain the breach. | American Radio Relay League ransomware attack update |
August 26, 2024 | Patelco | Notified 726,000 customers of ransomware data breach. | RansomHub Gang | Warned customers about personal data theft in earlier ransomware attack. | Patelco ransomware attack update |
August 28, 2024 | Microchip Technology | ‘Play’ Ransomware Group claims breach and data theft. | Play Ransomware | Alleged theft of confidential and personal data, including financial and operational records. | pcmag.com |
Cyber Attacks: August 2024
Date | Victim | Summary | Threat Actor | Business Impact | Source Link |
---|---|---|---|---|---|
August 07, 2024 | Financial Institution in Israel | Akamai blocked 419 TB of malicious traffic in a 24-hour DDoS attack. | Unknown | One of the largest DDoS attacks against a major financial services company in Israel. | Cyber attack in Israel |
August 07, 2024 | Ronin Network | $12 million returned by “white hat” hackers after exploiting a vulnerability. | Unknown | White-hat hackers exploited the Ronin bridge but returned all stolen funds. | Ronin Network cyber attack |
August 12, 2024 | Ukraine’s Security Service | Hackers posing as Ukraine’s Security Service infected 100 government PCs. | UAC-0198 | Over 100 computers compromised with AnonVNC malware via malicious spam emails. | BleepingComputer |
August 12, 2024 | AutoCanada | Cyber attack impacted AutoCanada’s internal IT systems. | BlackSuit Ransomware | Potential disruptions due to impacts on internal IT systems and connection to CDK Global’s IT outage. | BleepingComputer |
August 23 and 29, 2024 | Halliburton | Forced to take systems offline to contain a cyber attack. | RansomHub Gang | Operations at Halliburton’s Houston headquarters affected; attackers gained access to certain systems. | Cyber attack on Halliburton |
August 26, 2024 | Seattle-Tacoma International Airport | Isolated systems after a cyber attack. | Unknown | Internet and web systems down, advising travelers to complete preflight processes at home. | Seattle-Tacoma cyber attack |
August 28, 2024 | Dick’s Sporting Goods | Disclosed a cyber attack involving unauthorized server access. | Unknown | Potential exposure of confidential information, no known disruption to business operations. | The Register |
August 28, 2024 | Salford City Council | Housing register still down weeks after a cyber attack. | Unknown | 5,200 residents without access to the housing register, leaving them vulnerable to phishing scams. | The BBC |
New Ransomware/Malware Discovered in August 2024
New Ransomware/Malware | Summary |
---|---|
Sitting Ducks DNS | Hijacking of over 35,000 registered domains, allowing threat actors to claim a domain without access to the owner’s account at the DNS provider. |
SharpRhino | Hunters International group uses a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks. |
LianSpy | Undocumented Android malware named ‘LianSpy’ targets Russian users, disguising itself as an Alipay app or a system service. |
CMoon USB worm | Self-spreading worm ‘CMoon,’ distributed in Russia, steals account credentials via a compromised gas company website. |
EDRKillShifter | RansomHub ransomware deploys new malware to disable Endpoint Detection and Response (EDR) software in Bring Your Own Vulnerable Driver (BYOVD) attacks. |
Banshee Stealer | Malware targeting Apple computers, developed by a Russian-speaking threat actor, avoids systems based in Russia. |
Styx Stealer | Developer of Styx Stealer malware leaked data, exposing client and earnings details. |
NGate Android malware | Android malware used by cybercriminals to rob three Czech banks over a nine-month campaign. |
Tickler malware | Malware used to backdoor U.S. government and defense organizations. |
Warnings/Advisories/Reports/Analysis for Cyberattacks
News Type | Summary |
---|---|
Report | The two individuals suspected of developing and being the administrators of the “Russian Coms” caller ID spoofing service were arrested in London, the National Crime Agency (NCA) announced. |
Report | Cybersecurity company CrowdStrike has been sued by investors who say it provided false claims about its Falcon platform after a bad security update led to a massive global IT outage causing the stock price to tumble almost 38%. |
Report | Chinese officials responded to accusations from Germany that it was behind an attack on the country’s state cartography agency, calling them “unfounded.” |
Warning | The Federal Bureau of Investigation (FBI) warned of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. |
Report | The leader of a tech support fraud scheme was sentenced to seven years in prison after tricking at least 6,500 victims and generating more than $6 million. According to the U.S. Department of Justice, the fraudulent operation targeted elderly victims in the United States and Canada. |
Warning | Two federal agencies urged voters to be prepared for distributed denial-of-service (DDoS) attacks on infrastructure used to support the 2024 election in November. |
Report | The U.S. Senate confirmed Michael Sulmeyer as the Defense Department’s first cyber policy chief. |
Report | A China-based cyber-espionage group compromised an internet service provider (ISP) to spread malware in 2023, researchers said, confirming a hunch expressed in an earlier report about the same operation. |
Report | The Justice Department indicted Russian national Roman Pikulev for his role in founding and operating Cryptonator – an unlicensed cryptocurrency exchange that the U.S. said processed more than $235 million in illicit funds. |
Report | The Department of Justice and Federal Trade Commission filed a civil suit against TikTok and its parent company ByteDance, asserting that the Chinese-owned social media giant flagrantly violated children’s privacy laws. |
Report | A massive Magniber ransomware campaign is underway, encrypting home users’ devices worldwide and demanding thousand-dollar ransoms to receive a decryptor. |
Report | Microsoft has mitigated an Azure outage that lasted more than two hours and took down multiple services for customers across North and Latin America. |
Report | The launch date for the repeatedly delayed replacement service for Action Fraud, the much-criticised reporting centre for fraud and financially motivated cybercrime in Britain, has again been pushed back, a senior police officer said. |
Report | The legal sparring between Delta Air Lines and CrowdStrike is heating up, with the cybersecurity firm claiming that Delta’s extended IT outage was caused by poor disaster recovery plans and by the airline refusing to accept free onsite help in restoring Windows devices. |
Warning | South Korea’s National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN’s software update to deploy malware and breach networks. |
Report | Researchers have uncovered a campaign targeting hospitality workers in Canada and Europe in July with banking malware known as Chameleon. Among the hackers’ targets was an unnamed Canadian restaurant chain operating internationally. |
Report | A global stop-payment mechanism created by INTERPOL successfully recovered over $40 million stolen in a BEC attack on a company in Singapore. INTERPOL said this was the largest recovery of funds stolen through a business email compromise (BEC) scam. |
Report | The SEC has concluded its investigation into Progress Software’s handling of the widespread exploitation of a MOVEit Transfer zero-day flaw that exposed data of over 95 million people. |
Report | Proton VPN has announced a series of updates to its Windows and Android apps to help users combat censorship, circumvent blocks, and protect themselves from authoritarian governments due to using forbidden tools. |
Report | The United Nations passed its first cybercrime treaty in a unanimous vote supporting an agreement first put forward by Russia. The passage of the treaty is significant and establishes for the first time a global-level cybercrime and data access-enabling legal framework. |
Report | Russia’s telecommunications watchdog Roskomnadzor has restricted access to the Signal encrypted messaging service for what it describes as violations of Russian anti-terrorism and anti-extremism legislation. |
Report | At the Black Hat cybersecurity conference, National Cyber Director Harry Coker, Jr. said his office is working with the Department of Treasury’s federal insurance office as well as officials at the Cybersecurity and Infrastructure Security Agency (CISA) on the effort. |
Report | X has always had a bot problem, but now scammers are utilising the Ukraine war and earthquake warnings in Japan to entice users into clicking on fake content warnings and videos that lead to scam adult sites, malicious browser extensions, and shady affiliate sites. |
Report | European privacy advocate NOYB (None of Your Business) has filed nine GDPR complaints about X using the personal data from over 60 million users in Europe to train “Grok,” the social media company’s large language model. |
Report | Hackers have targeted dozens of computers belonging to Russian state agencies and tech companies with malicious tools linked to Chinese threat actors, according to a new report. |
Report | Three state governments have announced a $4.5 million payment from Enzo Biochem – a biotech company that suffered a ransomware attack in April 2023 – for failing to protect the diagnostic test information and personal data of nearly 2.5 million people. |
Report | The U.S. National Institute of Standards and Technology (NIST) has released the first three encryption standards designed to resist future cyberattacks based on quantum computing technology. |
Report | A new data extortion group tracked as Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to distract while exfiltrating data from the target device. |
Report | Ransomware victims have paid $459,800,000 to cybercriminals in the first half of 2024, setting the stage for a new record this year if ransom payments continue at this level. |
Report | Researchers said they discovered eight vulnerabilities in a range of Microsoft applications for macOS, including Teams, Outlook, Word, PowerPoint, OneNote and Excel, that could allow an attacker to gain access to a user’s “microphone, camera, folders, screen recording, user input and more.” |
Report | Iran is behind a series of cyberattacks targeting U.S. presidential campaigns that aim to “stoke discord and undermine confidence in our democratic institutions,” according to several leading cybersecurity agencies. |
Report | Hackers with suspected ties to Iran’s military allegedly targeted a prominent Jewish religious figure in a phishing campaign. The hackers reportedly used multiple email addresses pretending to belong to the research director for the Institute for the Study of War (ISW), an American-based think tank. |
Report | Hackers set up malicious banking applications that were nearly identical to legitimate European ones in an effort to steal user data in an elaborate phishing scheme, according to new research. |
Report | A Kentucky man who hacked into a state registry and faked his own death to avoid paying child support was sentenced on Monday to 81 months in prison. |
Report | The social media platform X banned an account used by a self-described pro-Palestinian hacking group, shortly after the United States issued a warning about Iranian cyber actors targeting the country’s presidential election. |
Report | The Qilin ransomware group has been using a new tactic which deploys a custom stealer to steal account credentials stored in Google Chrome browser. |
Report | Chinese authorities said that they have extradited from Thailand a suspected leader of a crypto pyramid scheme that generated nearly $14 billion in illegal profits. |
Warning | Cybercriminals have expanded the scope of so-called highway toll text scams in recent months, targeting people across multiple states with malicious SMS messages demanding payment for fictitious charges. |
Report | The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) has imposed a fine of €290,000,000 ($325 million) on Uber Technologies Inc. and Uber B.V. over GDPR violations. |
Report | The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group’s leak site on Monday. |
Report | ‘Store now, decrypt later’: US leaders prep for quantum cryptography concerns. |
Report | Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations. |
Report | Intel officials say they anticipate more hacking attempts as US election nears. |
Report | Alarming Rise In Cyber Threats Targeting Indian Websites, APIs: Indusface Report. |
Report | US lawmakers urge probe of WiFi router maker TP-Link over fears of Chinese cyber attacks. |
Report | Japan’s police agency requests ¥6 billion to tackle cyberattacks. |
Report | India’s Critical Infrastructure Suffers Spike in Cyberattacks. |
Report | Chinese cyberattacks hit nearly half of German firms, study. |
Analysis | Watchdog reprimands Labour following data breach. |
As the landscape of cyber threats continues to evolve, it’s crucial for businesses to stay ahead of potential risks with robust cybersecurity measures. At Synergy IT Solutions Group, we understand the complexities of defending against cyber attacks, data breaches, and ransomware threats. Our comprehensive cybersecurity services are designed to safeguard your business against these emerging threats and ensure that your data remains secure. Partner with us to fortify your defenses and gain peace of mind knowing that your IT infrastructure is in expert hands. Contact Synergy IT Solutions Group today to learn how we can help you protect what matters most.