CYBER SECURITY ENTHUSIAST

Merseyrail is one of UK’s rail network providers. The rail network became recently the victim of a ransomware attack lead by Lockbit. The threat actor used the Merserayl email system in order to email employees and journalists about the attack.

We can confirm that Merseyrail was recently subject to a cyber-attack. A full investigation has been launched and is continuing. In the meantime, we have notified the relevant authorities.

Source

The cyberattack was not been publicly disclosed, but a series of publications learned about the attack after receiving a strange email on April 18th with the mail subject, “Lockbit Ransomware Attack and Data Theft”.

It seemed that the attackers have taken over the Director’s @merseyrail.org Office 365 email account, thus impersonating him. In the email sent by the impersonator to employees, it was mentioned that a previous weekend’s outage was downplayed and that they suffered a ransomware attack where the hackers stole employee and customer data, whilst also including in the email a link to an image showing an employee’s personal information that Lockbit allegedly stole during the attack.

Merseyrail declared that an investigation is ongoing at this time and decided not to offer a lot of information.

It would be inappropriate for us to comment further while the investigation is underway.

Source

The UK Information Commissioner’s Office (ICO) confirmed that Merseyrail made them aware of the “incident.”

Merseyrail has made us aware of an incident and we are assessing the information provided.

Source

Unfortunately, in the past year, we were able to observe an increase in extortion tactics used against companies.

Heimdal Official Logo
Neutralize ransomware before it can hit.

Heimdal™ Ransomware Encryption Protection

Specifically engineered to counter the number one security risk to any business – ransomware.
  • Blocks any unauthorized encryption attempts;
  • Detects ransomware regardless of signature;
  • Universal compatibility with any cybersecurity solution;
  • Full audit trail with stunning graphics;
Try it for FREE today Offer valid only for companies.

If previously the ransomware attacks mostly consisted of threat actors stealing victims’ data and encrypting their files in order to force a ransom payment, now we see new and more efficient tactics developing.

Ransomware as a Service (RaaS) – A Contemporary Mal du siècle?

Heimdal Security – Nominated for Anti-Ransomware Solution of the Year

A Closer Look at Ransomware Attacks: Why They Still Work

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP