Info@NationalCyberSecurity
Info@NationalCyberSecurity

Plasma donation company Octapharma slowly reopening as BlackSuit gang claims attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


The plasma donation company Octapharma has begun to reopen some of its 180 centers around the world following a ransomware attack that forced it to shut down operations for nearly a week. 

Based in Switzerland, the company is one of the largest privately-owned, independent plasma companies in the world, using plasma donations to develop and manufacture medicines. It says it has more than 180 donation centers worldwide.

A company spokesperson said they discovered unauthorized network activity on April 17 that disrupted parts of their operations. 

“Upon learning of this event, we began conducting an investigation with outside experts to understand the impact. That investigation remains ongoing, and we do not have more to report at this time,” the company said.

The company said on its website and on Facebook that all centers were closed from April 17 to April 22. Beginning on Monday, some centers were reopened with modified hours.   

The company urged those with appointments to call their local office to make sure it is open and operating. 

The BlackSuit ransomware gang took credit for the attack on Wednesday, claiming to have exfiltrated business and laboratory data as well as the information of both living and deceased donors. 

The Register, which first reported the incident, was told by a source that the ransomware gang gained entry to the company through VMware systems. A recent report from Google security company Mandiant found that ransomware actors are increasingly targeting VMware systems. 

BlackSuit is a rebrand of the Royal ransomware group that launched a devastating attack on the city of Dallas. 

An advisory from the U.S. Department of Health and Human Services (HHS) warned hospitals in November that the sector “will likely continue to be attacked profoundly” by BlackSuit actors. The advisory noted that the group has a version of their ransomware made to target VMware ESXi systems. 

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.



——————————————————–


Click Here For The Original Source.

.........................

National Cyber Security

FREE
VIEW