7 New Organizations Listed by PLAY Ransomware in Cyberattack

The victims do not appear to have any obvious connection, which highlights the random and arbitrary nature of the attacks.

Seven new victims have been claimed under the PLAY ransomware attack — orchestrated by the threat actor with the same name.

The notorious PLAY ransomware group operating in the underground forums has identified and targeted these organizations located in different corners of the world. 

Surprisingly, there seems to be no apparent connection between these victims, highlighting the indiscriminate nature of their attacks.

PLAY Ransomware Attack: 7 New Victims Added

Source: Twitter

This ransomware campaign is part of a wider scheme orchestrated by the threat actor, targeting major organizations worldwide.

The PLAY ransomware attack victims include:

  • Hughes Gill Cochrane Tinetti
  • Saltire Energy
  • Centek industries
  • NachtExpress Austria
  • WCM Europe
  • Starr Finley
  • unknown victim

Hughes Gill Cochrane Tinetti, headquartered in California, United States, fell prey to this PLAY ransomware attack. Their website, www.hughes-gill.com, was compromised on October 10, 2023, with the ransom demand stretching four days from the publication date.

Saltire Energy, a stalwart in the United Kingdom, faced a similar attack. The threat actor claimed the PLAY ransomware attack on October 10, 2023, with a ransom date of October 14, 2023, before their data gets published.

Similarly, the additional organizations listed by the PLAY ransomware group face a looming deadline of 1 to 4 days before all the stolen data is exposed on the dark web.

The Rise of Play Ransomware Group

The rise in PLAY ransomware attacks and recent data breach claims has raised concerns among both private and public organizations worldwide.

Threat actors like PLAY ransomware exploit vulnerabilities and unpatched security systems to gain unauthorized access and encrypt valuable data.

To learn more about these PLAY ransomware attacks, and get clarification on the claims made by the threat actor, The Cyber Express reached out to the multiple organizations listed by the threat actor.

However, at the time of writing this, no response or confirmation has been received. This leaves the claims surrounding the PLAY ransomware attack unverified.

The Play ransomware group has been on the run for a long time. Cybersecurity experts at Symantec recently identified the Play ransomware, also known as PlayCrypt, targeting a wide range of private and public organizations across various industries worldwide.

The ransomware, initially developed by the Balloonfly group, has gained infamy for carrying out prominent attacks since its debut in June 2022. Moreover, its operators employ a dual extortion approach, beginning with the extraction of victim network data before proceeding to encryption.

Alongside other notorious variants like LockBit, Mallox, and Clop, Play ransomware has emerged as one of the most cunning threat actors on the dark web. Its operators also employ a range of infection vectors, exploiting known vulnerabilities such as ProxyNotShell, and even purchasing access to infrastructure through stolen credentials from previously successful threat actors.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Ashish Khaitan

Ashish is a technical writer at The Cyber Express. He adores writing about the latest technologies and covering the latest cybersecurity events. In his free time, he likes to play horror and open-world video games.
