Majorca city Calvià extorted for $11M in ransomware attack

The Calvià City Council in Majorca announced it was targeted by a ransomware attack on Saturday, which impacted municipal services.
Calvià is a historic town on the Spanish island of Majorca with a population of 50,000 and is one of Majorca's major tourism hotspots, estimated to receive 1.6 million visits annually.
During the weekend, a cyberattack hit Calvia's systems, forcing the council to form a crisis committee to evaluate the damage done and formulate impact mitigation plans.
Mayor Juan Antonio Amengual stated that a team of IT specialists is currently performing forensic analysis to estimate the extent of unauthorized access and recover the impacted systems and services.
The IT outages have caused the City to suspend any administrative deadline for submitting allegations, requests, etc, until January 31, 2024.
Citizens who urgently need to submit any document for registration can still do it through the General State Administration portal.
In the meantime, the municipality has informed the police's cybercrime department about the incident and filed the necessary complaints along with preliminary forensic analysis information.
The announcement concludes with a statement of regret for the inconvenience, reminding people that citizen services can still be reached via the phone.
By the time of writing this, none of the major ransomware groups had assumed responsibility for the attack at Calvià, so the perpetrators remain unknown.
A local media outlet has learned that the ransom set by the cybercriminals is €10,000,000, approximately $11M. The mayor told the local press that the municipality would not be paying the ransom under any circumstances.
Ransomware poses a significant risk to entities of all sizes, including small towns, highlighting a growing concern in today's digital landscape.
Such attacks can put vital municipal services out of order, leading to major disruptions in daily operations and public services.
The repercussions would be even more severe if such an attack occurred during peak tourism season.
Online museum collections down after cyberattack on service provider.
British Library: Ongoing outage caused by ransomware attack.
Fidelity National Financial: Hackers stole data of 1.3 million people.
Major T-Mobile outage takes down account access, mobile app.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 16 Jan 2024 18:50:12 +0000


Cyber News related to Majorca city Calvià extorted for $11M in ransomware attack

Majorca city Calvià extorted for $11M in ransomware attack - The Calvià City Council in Majorca announced it was targeted by a ransomware attack on Saturday, which impacted municipal services. Calvià is a historic town on the Spanish island of Majorca with a population of 50,000 and is one of Majorca's major ...
9 months ago Bleepingcomputer.com
Researchers link 3AM ransomware to Conti, Royal cybercrime gangs - Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang. The 3AM ransomware gang's activity was first ...
9 months ago Bleepingcomputer.com
TeamViewer abused to breach networks in new ransomware attacks - Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. TeamViewer is a legitimate remote access tool used extensively in the ...
9 months ago Bleepingcomputer.com
Kasseika ransomware uses antivirus driver to kill other antiviruses - A recently uncovered ransomware operation named 'Kasseika' has joined the club of threat actors that employs Bring Your Own Vulnerable Driver tactics to disable antivirus software before encrypting files. Kasseika abuses the Martini driver, part of ...
9 months ago Bleepingcomputer.com
Kansas public transportation authority hit by ransomware - The Kansas City Area Transportation Authority announced it was targeted by a ransomware attack on Tuesday, January 23. KCATA is a bi-state public transit agency serving seven counties of Missouri and Kansas, operating 78 bus routes and 6 MetroFlex ...
9 months ago Bleepingcomputer.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Long Beach, California turns off IT systems after cyberattack - The Californian City of Long Beach is warning that they suffered a cyberattack on Tuesday that has led them to shut down portions of their IT network to prevent the attack's spread. Long Beach is the home to approximately 460,000 people and is the ...
11 months ago Bleepingcomputer.com
Cyberattack knocks out Pensacola city government phone lines - The city government of Pensacola, Florida, is dealing with widespread phone outages due to a cyberattack announced over the weekend. City spokesperson Jason Wheeler told Recorded Future News that officials are experiencing phone issues across city ...
7 months ago Therecord.media
Dallas County investigating 'cybersecurity incident' months after city ransomware attack - Dallas County on Monday confirmed an investigation into what it's calling a "Cybersecurity incident" that hit county systems more than a week ago. The incident comes about five months after a cyberattack that compromised the personal information of ...
11 months ago Keranews.org
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
9 months ago Securityboulevard.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
9 months ago Unit42.paloaltonetworks.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
11 months ago Bleepingcomputer.com
Network outages in Birmingham persist as city officials stay tight-lipped - Since announcing a network outage on March 6, the city has provided no updates on the situation or explained what caused the outage. The city has not responded to multiple requests for comment from Recorded Future News and other local news outlets. A ...
7 months ago Therecord.media
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
9 months ago Bleepingcomputer.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
10 months ago Helpnetsecurity.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
5 months ago Bleepingcomputer.com
Tri-City Medical Center in Oceanside hit by cybersecurity attack - Tri-City Medical Center is diverting ambulance traffic to other hospitals Thursday as it copes with a cybersecurity attack that has forced it to declare "An internal disaster" as workers scramble to contain the damage and protect patient records. The ...
11 months ago Sandiegouniontribune.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
7 months ago Bleepingcomputer.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
10 months ago Bleepingcomputer.com
City of Philadelphia discloses data breach after five months - The City of Philadelphia is investigating a data breach after attackers "May have gained access" to City email accounts containing personal and protected health information five months ago, in May. While officials discovered the incident on May 24 ...
11 months ago Bleepingcomputer.com
Central Virginia transit system affected by cyber incident - The organization that runs the transit system for central Virginia dealt with a computer network disruption due to a cyberattack around the Thanksgiving holiday. The Greater Richmond Transit Company provides bus and specialized transportation ...
10 months ago Therecord.media
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
7 months ago Feeds.fortinet.com
Microsoft Teams outage causes connection issues, message delays - Microsoft is investigating an ongoing and widespread outage impacting the users of its Teams communication platform and causing connectivity issues, login problems, and message delays. While Redmond is still working on addressing these ongoing ...
9 months ago Bleepingcomputer.com
West Virginia city latest municipality hit with cyberattack - The city of Beckley, West Virginia is dealing with a cyberattack, it announced Thursday in a notice posted on social media. City officials said they recently discovered issues with their computer network and apologized for any inconveniences. They ...
9 months ago Therecord.media

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)