Former employees and foolhardy ransomware attackers


Back to news

Several information security incidents which have happened recently are all based on utter carefreeness. A former employee in Nijmegen, Netherlands, leaked the data belonging to Radboudumc (The Radboud University Medical Center) about a month ago. The breached data contained names, login details, emails, phone numbers of not only the Center’s employees but also of organisations with which the Center cooperates.

The former employee has reportedly uploaded the obtained confidential data to GitHub. He shared scripts and codes as well as the abovementioned personal data.

In Nigeria there was detected a ransomware attack without resorting to any social engineering trick. And was conducted successfully. The violators didn’t bother to procure internal data in order to disguise as employees of the organisation or top management. They simply targeted via email the staffers to board them onto a cyberattack.

The criminal group offered employees $1 million in bitcoin which would be taken from the total sum of the planned ransom of $2.5 million. The requirement was to install the DemonWare ransomware on the company’s PCs or servers by logging in as privileged users. In case there will be employees willing to use their credential for fraudulent activities for money they would receive a full offer.

The attempt to recruit internal employees and turn them into malicious insiders is a common story, but do it a “cold-calling” way, selling literally a share in a one-time business is a curious type of tackle. Anyway, the messages sent by the attackers seemed to have slightly misleading information, they also refused to use phishing techniques as found it too difficult to manage this way.

South Florida Community Care Plan became a victim of a former employee’s wrongdoing. The employee emailed sensitive data regarding health information of plan members to his own personal email box. The data leak was revealed only after the former employee’s email account check two months ago.
The leaked data comprised names, addresses, birthdays, member identification numbers, medical details, including diagnoses, negotiated services, procedures, physicians’ names.

The employee violated the South Florida Community Care Plan policies, as no one is supposed to send corporate data to personal email addresses. The profound auditing was conducted and concerned all the employee’s activities, the incident also spurred the need to audit the rest of the employees.

Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.