Stay on top of this week’s ransomware news with our handy summary!

Camino Nuevo Charter Academy

akira camino nuevo charter academy ransomware note

Camino Nuevo Charter Academy, a group of charter schools in the Los Angeles area, on April 24, 2024 notified 7,916 people of a data breach that took place in July 2023, but wasn’t discovered until January 2024. The attack was claimed in August 2023 by ransomware group Akira, which says it stole 75 GB of data including Social Security numbers, passports, and other business documents.

Octapharma Plasma

Black Suit ransomware claim Octopharma Plasma

Plasma donation company, Octapharma Plasma, Inc., was forced to shut down over 150 of its centers late last week. Ransomware group BlackSuit on April 24, 2024 came forward to claim the attack. BlackSuit claimed the attack on its data leak site, claiming to have stolen troves of data, including data of donors, laboratory data, employee data, and financial/business data.

Optometric Physicians of Middle Tennessee

Ransomware group BianLian on April 22, 2024 claimed an attack on Optometric Physicians of Middle Tennessee (OPMT), a chain of eyecare clinics. OPMT in March 2024 posted a notification on its website confirming a cyber attack.

BianLian says it stole 1.5 terabytes of finance data, human resources data, patients’ personally identifiable info and personal health info, biometric data, contracts, confidential agreements, and SQL databases.

OPMT has not confirmed BianLian’s claim.

The Tech Interactive (unconfirmed)

The Tech Interactive ransomware claim

Ransomware group 8Base on April 22, 2024 added The Tech Interactive to its data leak site, claiming to have stolen a ‘huge amount of confidential information’ as well as account documents, employment contracts, invoices, and more. It has given the science and technology museum seven days to pay the ransom (unspecified) before it publishes the alleged stolen data.

The Tech Interactive hasn’t confirmed the attack but did note ‘technical issues’ on its Facebook page on April 14. It stated that online tickets were unavailable at the time.

Montclair, NJ

montclair ransomware

The township of Montclair, New Jersey over the weekend notified 17,835 people about a May 2023 ransomware attack that compromised their personal information.

The township admitted in July 2023 that its insurer, Garden state Joint Insurance fund, paid $450,000 to attackers in order to restore systems and recover data. It said some systems and data were not recovered at the time.

No ransomware groups have claimed responsibility for the attack.

Paul Stuart

paul stuart ransomware

Madison Avenue haberdasher Paul Stuart this week started notifying (PDF) victims of an October 2023 data breach. It did not disclose how many records were affected nor what they contain. The attack was claimed by ransomware group Cactus in November.

William H. Brewer and Co

Accounting firm William H. Brewer and Co. on Friday notified (PDF) victims of a February 2024 ransomware attack. The data included tax IDs, Social Security numbers, bank account numbers, and more. The number of victims has not been disclosed, and no ransomware group has claimed responsibility as of time of writing.

Asbury Automotive Group

asbury automotive

Georgia-based car dealer Asbury Automotive Group issued a data breach notification to an undisclosed number of victims following a December 2023 ransomware attack. Asbury did not discover the attack until March 25, 2024. Names, driver’s licenses, and potentially other personally identifiable information was compromised.

Ransomware group Cactus claimed the attack, saying it stole 62 GB of data.

Regulator Marine

regulator marine ransomware

North Carolina boat manufacturer Regulator Marine on April 23, 2024 notified 1,384 people of a data breach that took place in March 2024. Names and Social Security numbers were among the compromised data.

Ransomware group Cactus claimed the attack.

Biggs Cardosa and Associates

biggs cardosa ransomware

On April 23, 2024, structural engineering firm Biggs Cardosa and Associates notified (PDF) and undisclosed number of victims about a March 2024 cyber attack. Names, Social Security numbers, financial account info, and dates of birth were among the compromised data.

Ransomware group BlackSuit claimed the attack.

Amerlux

amerlux ransom note

Lighting manufacturer Amerlux on April 22, 2024 notified (PDF) an undisclosed number of victims about a March 2024 ransomware attack. The compromised data included names, addresses, Social Security numbers, salary data, employee bank account info, and passports.

The attack was claimed by ransomware group BlackBasta.

Green Diamond Resource Company

green diamond resource company ransom note

Forest management firm Green Diamond Resource Company on April 19, 2024 issued data breach notifications to 27,896 victims of a June 2023 ransomware attack. The compromised data included names, Social Security numbers, and dates of birth.

Ransomware group Akira claimed the attack, saying it stole 30 GB of data.

Butler, Lavanceau & Sober

butler lavanceau and sober

Accounting firm Butler, Lavanceau, & Sober on April 17, 2024 notified 3,370 victims of a February cyber attack. Compromised information included names, Social Security numbers, driver’s license numbers, and limited medical information.

Ransomware group Snatch claimed the attack.

J.B. Poindexter & Co

Truck manufacturer J.B. Poindexter & Co this week sent notices to an undisclosed number of victims regarding a data breach that took place on April 4, 2024. The company provided preliminary notice to impacted individuals on April 8.

The compromised data included names, contact info, Social Security numbers, and dates of birth of employees and their dependents.

No ransomware group has claimed responsibility as of time of writing.

Want to know more? Our global ransomware tracker is updated daily!