ABCDEFGHIJKLMNOPQRSTUVWXYZAAABACADAEAF
1
Top ransomware attacks
2
TargetAKAdescription sectororganisation sizerevenuecostransom costdata noteransom paidYEAR codeYEARmonthlocationinteresting story (edited)interesting story (long)interesting story?Ransomwarestock symbolrevenue as ofno of employeesData NoteSource NameURLURL 2URL 3URL 4URL 5#IDmonth as codedate codedate code 2
3
display label1,5,10,25,100,300$USD milliondisplay label2013
4
"Cryptolocker"250,000 systemsmisc10012727unknown02013SEPWorldwideCryptoLocker was one of the most profitble ransomware strains of its time. It earned more than $3 million before it taken down in 2014.yCryptoLockerhttps://digitalguardian.com/blog/history-ransomware-attacks-biggest-and-worst-ransomware-attacks-all-time190.750.00
5
"Cryptowall"Multiple systemsmisc2511818unknown02014JANWorldwideFrom 2014-2016, CryptoWall was the most popular ransomware strain used and had extorted $18 million in ransom.yCryptoWall211.080.25
6
Apple devicesmisc11$100 per device5unknown02014MAYAustralia"Device hacked by Oleg Pliss. For unlock device YOU NEED to send voucher code by $50 for unlock" is the message many Australians woke up to on their Apple devices. It was a ransomware attack but not by infecting the device with a malware, but by getting the owner's login credentials and locking them out of their devices remotely. yNot revealed$100 per device or $50 per device. Payment was avoided by manyhttps://nakedsecurity.sophos.com/2014/05/27/apple-ransomware-strikes-australia-pay-oleg-100-or-else/351.420.25
7
New Hampshire PDgovernment11$2000-$30000.003costunknown02014JUNUSACryptoWallrepair costs were $2000-$3000https://www.nbcnews.com/tech/security/virus-wipes-out-new-hampshire-police-departments-computers-n126466461.500.25
8
"TeslaCrypt"Multiple systemsmisc5176,5200.07652unknown02015MARWorldwideTeslaCrypt managed to extort $76,522 from 163 victims. The ransom demands varied between $150 and $1000.yTeslaCrypt532.250.50
9
"TeslaCrypt 2"Multiple computersmisc51$1000 per system5unknown02015MAYAustraliaAustralians were hit with a Breaking Bad themed ransomware attack. The malware has adopted the the mantle of "Los Pollos Hermanos", a fictional fast food chain from the show and demanded for $450 to be paid, and $1000 if there was a delay in payment.yNot revealed$1000 per systemhttps://www.arnnet.com.au/article/574649/breaking-bad-themed-crypto-ransomware-hits-australian-computers/652.420.50
10
Plexglobal streaming media service media & sport5142,5000.0025refused02015JULUSACryptoWallPRIVATE 51-100https://www.computerweekly.com/news/4500249300/Hacker-tries-to-hold-Plex-video-streaming-service-to-ransomhttps://finance.yahoo.com/company/plex?h=eyJlIjoicGxleCIsIm4iOiJQbGV4In0=&.tsrc=fin-srch772.580.50
11
Multiple law firmslegal11unknownunknown02015MAR
USA, Canada, Ireland
Ransomware attacks against law firms had increased significantly. One U.S. Law Firm were demanded to pay $700 in BTC to retrieve their files, which they refused. The Law Society of British Columbia and Ireland had to issue official warnings informing its members after a number of attacks.yCryptoWallhttps://resources.infosecinstitute.com/topic/ransomware-attacks-on-law-firms/832.250.50
12
Greece banksfinance11unknownunknown02015NOVGreece
Armada Collective
https://www.dw.com/en/greece-says-hackers-hit-banks-with-bitcoin-ransom-demand/a-188858819112.920.50
13
Police departments government11$300-$500 per system5unknown02016APRUSAPolice departments across multiple American states were hit by ransomware attacks. The ransom amount demanded for varied from $300-$500, which were paid in some cases and weren't in other.yNot revealedadded the ransom amts of attacks across 3-4 police deptshttps://www.reuters.com/article/us-usa-cyber-ransomware-idUSKCN0X917Xhttps://www.darkreading.com/attacks-breaches/police-pay-off-ransomware-operators-again/d/d-id/13199181043.330.75
14
Lukas & Klinikum Arnsberg Hospitalshealthcare10120unknownrefused02016FEBGermanyNot revealedhttps://securityaffairs.co/wordpress/44824/cyber-crime/ransomware-paralyzed-german-hospitals.html1123.170.75
15
HPMCHollywood Presbyterian Medical Centerhealthcare1028917,0000.017ransom paid02016FEBUSANot revealedhttps://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html1223.170.75
16
Ottawa Hospitalhealthcare10966unknownunknown02016MARCanadaNot revealedhttps://ottawacitizen.com/news/local-news/ottawa-hospital-hit-with-ransomware-information-on-four-computers-locked-down1333.250.75
17
MedStar Healthhealthcare255,00019,0000.019unknown02016MARUSANot revealedhttps://www.healthcareitnews.com/news/medstar-attack-found-be-ransomware-hackers-demand-bitcoin1433.250.75
18
University of Calgaryacademic1020115,7800.01578ransom paid02016JUNCanadaNot revealedhttps://www.bbc.com/news/technology-364786501563.500.75
19
Carleton Universityacademic1066539,0000.039unknown02016NOVCanadaNot revealedhttps://www.cbc.ca/news/science/ransomware-carleton-university-computers-bitcoin-infects-1.387270216113.920.75
20
San Francisco MTASan Francisco Municipal Transport Agencytransport251,00074,0000.074unknown02016NOVUSAThis ransomware attack infected more than 2,000 computers which were used to operate the San Francisco public transport system, which forced MTA to open the gates & allowed passengers to travel for free.yHDDCryptorhttps://www.theregister.com/2016/11/27/san_francisco_muni_ransomware/17113.920.75
21
Madison Countygovernment1121,0000.021ransom paid02016DECUSANot revealedhttps://www.csoonline.com/article/3139975/ransomware-hammers-madison-county-indiana.htmlhttps://www.theindianalawyer.com/articles/42211-ransomware-attack-costing-madison-county-nearly-20000018124.000.75
22
"BadRabbit"Russian & Ukrainian systemsmisc1001unknownunknown12017OCTRussia, UkraineUnlike Petya and WannaCry, BadRabbit hasn't spread widely and majority of the incidents have been reported in Russia and Ukraine. This ransomware spreads through compromised, insecure websites. Once attacked, it demands a ransom of $280 in BTC and a 40 hour deadline.yBadRabbithttps://www.wired.co.uk/article/bad-rabbit-ransomware-flash-explained19104.831.83
23
"Petya" & "NotPetya"Multiple systems globallymisc1001$10bn across multiple companies5costunknown12017JUNWordlwideThe Petya & NotPetya ransomware spread across the world, wreaking havoc. The parent ransomware, Petya, had surfaced before its variant. It is a regular malware that aims to quickly mint some money from victims. NotPetya (a Petya variant), on the other hand, is said to be a state-sponsored Russian cyberattack masquerading as ransomware, which targetted war-ridden Ukraine but its impact was felt across the globe.y
NotPetya & Petya
losses across multiple companies added up to $10 billionhttps://www.business-standard.com/article/technology/notpetya-how-a-russian-malware-created-the-world-s-worst-cyberattack-ever-118082700261_1.htmlhttps://www.proofpoint.com/us/threat-reference/petya2064.501.50
24
MaerskDanish shipping gianttransport10039,722300300costunknown12017JUNDenmarkThe NotPetya ransomware had hit countries across Europe but Copenagen-based Maersk was among the worst hit, which moves about one-fifth of the world's freight. Operations at Maersk terminals in four different countries were impacted, causing delays and disruption that lasted weeks. Even though the repair costs were around $300 million, things could have been much worse as there was no data-breach or data-loss, which would have been devastating considering the secretiveness of shipping businesses.

yNotPetya
MAERSK-B.CO
losses were around $300 million. exact ransom amt not knownhttps://www.zdnet.com/article/ransomware-the-key-lesson-maersk-learned-from-battling-the-notpetya-attack/https://www.forbes.com/sites/leemathews/2017/08/16/notpetya-ransomware-attack-cost-shipping-giant-maersk-over-200-million/?sh=2e5d87354f9a2164.501.50
25
"WannaCry"230,000 systems globallymisc3001$300-$600 per system69unknown12017MAYWorldwideThe WannaCry ransomware attack was a global epidemic that hit around 230,000 systems worldwise in MAY, 2017 and the ransom demanded was $300, which later increased to $600, per system. A Spanish mobile company, Telefonica, was first to be hit. By MAY 12th, NHS hospitals and surgeries across the country were affected. Ambulances were rerouted, leaving people in an emergency stranded. It was estimated to cost NHA around $92 million after 19k appointments were cancelled as a result of the attack.yWannaCryour calc. Attackers have not received full amt, this is the exepcted amthttps://www.kaspersky.co.in/resource-center/threats/ransomware-wannacry2254.421.42
26
Hancock Healthhealthcare1012255,0000.055ransom paid22018JANUSASamSamhttps://www.zdnet.com/article/us-hospital-pays-55000-to-ransomware-operators/2315.082.08
27
City of Atlantagovernment1151,0000.051refused22018MARUSASamSamhttps://www.tripwire.com/state-of-security/security-awareness/10-most-significant-ransomware-attacks/
https://www.al.com/news/2018/12/atlanta-didnt-pay-6-bitcoin-cyber-attack-ransom-officials-confirm.html#:~:text=Atlanta%20didn't%20pay%20the,Attorney's%20Office%20for%20North%20Georgia.&text=%E2%80%9CThe%20city%20of%20Atlanta%20did,the%20U.S.%20attorney's%20office%20said.
https://statescoop.com/one-year-after-atlantas-ransomware-attack-the-city-says-its-transforming-its-technology/2435.252.25
28
COSCOChinese shipping gianttransport2518,941unknownunknown22018JULUSANot revealedCICOF12/30/2020https://www.cshub.com/attacks/news/incident-of-the-week-cosco-shipping-faces-ransomware-attackhttps://finance.yahoo.com/quote/CICOF/financials?p=CICOF2575.582.58
29
Port of San Diegogovernment101633030costunknown22018SEPUSASamSamFigure is doubtful, one report says damages and costs came up t0 30https://www.sandiegoreader.com/news/2019/apr/10/city-lights-happened-ransomware-port-san-diego/#:~:text=Per%20the%20FBI%2C%20the%20Port,200%20public%20agencies%20and%20hospitals.2695.752.75
30
OWSAOnslow Water and Sewer Authoritygovernment529unknownrefused22018OCTNorth CarolinaThe critical water utility can be said to be cursed as it suffered a ransomware attack, when it was still recovering from Hurricane Florence. The authorities refused to pay the ransom.yRyukhttps://www.csoonline.com/article/3314557/ransomware-attack-hits-north-carolina-water-utility-following-hurricane.html27105.832.83
31
Jackson Countygovernment11400,0000.4ransom paid32019MARGeorgia, USARyukhttps://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-infection/2836.253.25
32
City of Lodigovernment11400,0000.4unknown32019APRCalifornia, USANot revealedhttps://www.rubrik.com/content/dam/rubrik/en/resources/case-study/Customer-Success-Rubrik-and-City-of-Lodi.pdfhttps://www.govtech.com/security/lodi-calif-confirms-ransomware-behind-computer-troubles.html2946.333.33
33
La Porte Countygovernment11130,0000.13ransom paid32019JULIndiana, USARyukhttps://www.bleepingcomputer.com/news/security/la-porte-county-pays-130-000-ransom-to-ryuk-ransomware/3076.583.58
34
22 Texan townsgovernment112.52.5refused32019SEPUSANot revealedhttps://www.cpomagazine.com/cyber-security/massive-ransomware-attack-in-texas-hits-22-cities-and-towns-hackers-demand-millions-in-payment/3196.753.75
35
DCH Health Systempublic hospital in Alabama, USAhealthcare10545500,0000.5estimateunknown32019NOVAlabama, USARyukamt is an estimate by security expertshttps://heimdalsecurity.com/blog/dch-ransomware-attack/32116.923.92
36
Pitney BowesAmerican tech companytransport253,554unknownunknown32019OCTUSAThe shipping tech firm was hit by a ransomware attack not only in 2019 but also in 2020 by the same ransomware.yMazePBI12/30/2020https://www.computerweekly.com/news/252482937/Pitney-Bowes-hit-by-Maze-in-second-ransomware-attackhttps://techcrunch.com/2019/10/14/pitney-bowes-ransomware-attack/https://finance.yahoo.com/quote/PBI/financials?p=PBI33106.833.83
37
NVANational Veterinary Associatesgovernment252,000unknownunknown32019OCTUSARyukhttps://krebsonsecurity.com/2019/11/ransomware-bites-400-veterinary-hospitals/34106.833.83
38
City of Johannesburggovernment1130,4930.030493refused32019NOVUSA
Shadow Kill Hackers
https://www.bleepingcomputer.com/news/security/ransomware-attack-shuts-down-city-of-johannesburgs-systems/35116.923.92
39
Government of NunavutGovernment of Nunavut, Canadagovernment1155costunknown32019NOVCanadaNot revealedhas spent $5 million in damageshttps://www.zdnet.com/article/canadian-nunavut-government-systems-crippled-by-ransomware/https://nunatsiaq.com/stories/article/nunavut-government-has-spent-5m-to-cope-with-NOV-ransomware-attack/36116.923.92
40
Everis & Cadena SARSpain's largest MSP and largest radio stationtech251,000836,0000.836unknown32019NOVSpainNot revealedPRIVATE10000+https://www.zdnet.com/article/ransomware-hits-spanish-companies-sparking-wannacry-panic/https://spinbackup.com/blog/24-biggest-ransomware-attacks-in-2019/https://finance.yahoo.com/company/everis-group?h=eyJlIjoiZXZlcmlzLWdyb3VwIiwibiI6IkV2ZXJpcyBHcm91cCJ9&.tsrc=fin-srch37116.923.92
41
Rouen Hospitalhealthcare251,000unknownunknown32019NOVFranceThe ransomware attack on the French Hospital was a ghastly reminder of the 2017 WannaCry attack. It crippled a system of 6000 computers and the medical staff were forced to return to the old fashioned way of using pen-paper and telephone lines to keep lines of communication open.yNot revealedhttps://www.forbes.com/sites/daveywinder/2019/11/20/infection-hits-french-hospital-like-its-2017-as-ransomware-cripples-6000-computers/?sh=64e139ca576e38116.923.92
42
State of Louisianagovernment11unknownrefused32019NOVUSARyukhttps://www.cpomagazine.com/cyber-security/louisiana-hit-with-another-ryuk-ransomware-attack/39116.923.92
43
ProsegurSpanish security firmlogistics254,329unknownunknown32019NOVSpainRyukPSG.MC12/30/2020https://www.zdnet.com/article/security-firm-prosegur-weve-shut-our-it-network-after-ryuk-ransomware-attack/40116.923.92
44
City of Baltimoregovernment1176,2800.07628refused32019MAYMaryland, USAThe city decided not to pay the ransom, but repair costs and damage control came up to $18.2 million, which created an uproar among the citizens. MAYor Young of Baltimore made it very clear that cyber criminals will not be rewarded, which is exactly what security experts constantly advice, since there is no guarantee access to data is regained.yRobbinHoodhttps://heimdalsecurity.com/blog/baltimore-ransomware/4156.423.42
45
Riviera Beach & Lake Citygovernment111.11.1ransom paid32019JUNFlorida, USAThe ransomware attacks happened on these two cities in Florida in the same week and the government authorites were forced to pay the ransom to the hackers in both the cases.yTrickBot, Ryukhttps://www.tripwire.com/state-of-security/security-awareness/10-most-significant-ransomware-attacks/4266.503.50
46
Virtual Care Provider Inc.American IT companyhealthcare5291414unknown32019NOVUSARyukhttps://healthitsecurity.com/news/ransomware-attack-on-it-vendor-disrupts-care-at-110-nursing-homeshttps://www.vcpi.com/43116.923.92
47
Maastricht Universityacademic10241220,0000.22ransom paid32019DEC
The Netherlands
TA505https://www.bleepingcomputer.com/news/security/ta505-hackers-behind-maastricht-university-ransomware-attack/44127.004.00
48
PEMEXMexico's state-owned oil companyenergy10087,0004.94.9unknown32019NOVMexicoDoppelPaymerPRIVATE10000+Pemex states that they are operating normally and that there was no affect on their fuel production, supply, and inventoryhttps://www.bleepingcomputer.com/news/security/mexicos-pemex-oil-suffers-ransomware-attack-49-million-demanded/https://finance.yahoo.com/company/pemex?h=eyJlIjoicGVtZXgiLCJuIjoiUGVtZXgifQ==&.tsrc=fin-srch45116.923.92
49
Michigan State Universityacademic251,000unknownunknown42020MAYMichigan, USANetWalkerhttps://securityboulevard.com/2020/08/recent-ransomware-attacks-latest-ransomware-attack-news-in-2020/4657.424.42
50
Columbia Collegeacademic10102unknownunknown42020JUNChicago, USANetWalkerhttps://securityboulevard.com/2020/08/recent-ransomware-attacks-latest-ransomware-attack-news-in-2020/4767.504.50
51
Brookfield ResidentialNorth American real estate developerlogistics251,000unknownrefused42020AUGUSADarksidePRIVATE501-1000https://securityboulevard.com/2020/08/recent-ransomware-attacks-latest-ransomware-attack-news-in-2020/https://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/https://finance.yahoo.com/company/brookfield-residential-properties?h=eyJlIjoiYnJvb2tmaWVsZC1yZXNpZGVudGlhbC1wcm9wZXJ0aWVzIiwibiI6IkJyb29rZmllbGQgUmVzaWRlbnRpYWwgUHJvcGVydGllcyJ9&.tsrc=fin-srch4887.674.67
52
PTIPress Trust of Indiagovernment524unknownunknown42020OCTIndiaLockBitReports state NO ransom was paidhttps://usa.kaspersky.com/resource-center/threats/top-ransomware-2031
https://www.thehindubusinessline.com/info-tech/pti-services-disrupted-after-massive-ransomware-attack-on-servers/article32940254.ece49107.834.83
53
R1 RCM Inc.American revenue cycle management company finance251,271unknownunknown42020AUGUSADefrayRCM12/30/2020https://usa.kaspersky.com/resource-center/threats/top-ransomware-2029https://krebsonsecurity.com/2020/08/medical-debt-collection-firm-r1-rcm-hit-in-ransomware-attack/https://finance.yahoo.com/quote/RCM/financials?p=RCM5087.674.67
54
OrangeEurope's fourth largest mobile network operatortelecoms10051,255unknownunknown42020JULFranceNefilimORAN12/30/2020https://usa.kaspersky.com/resource-center/threats/top-ransomware-2027https://finance.yahoo.com/quote/ORAN/financials?p=ORAN5177.584.58
55
Hondaautomotive300119,697unknownunknown42020JUNJapanJun 2021: Some cyber-security experts have said it looks like a ransomware attack, which means that hackers might have encrypted data or locked Honda out of some of its IT systems.ErkanHMC3/30/2021https://www.bbc.co.uk/news/technology-52982427https://finance.yahoo.com/quote/HMC/financials?p=HMC5267.504.50
56
SCJBrazilian Superior Court of Justicelegal11unknownunknown42020NOVBrazilRansomExxhttps://usa.kaspersky.com/resource-center/threats/top-ransomware-2033
https://www.bleepingcomputer.com/news/security/brazils-court-system-under-massive-ransomexx-ransomware-attack/53117.924.92
57
INA Groupleading Croatian oil companyenergy253,000unknownunknown42020FEBCroatiaClophttps://usa.kaspersky.com/resource-center/threats/top-ransomware-20215427.174.17
58
Randstadworld's largest staffing agencylogistics2525,120unknownunknown42020DEC
USA, Poland, Italy, France
EgregorRAND.AS12/30/2020https://www.bleepingcomputer.com/news/security/largest-global-staffing-agency-randstad-hit-by-egregor-ransomware/https://finance.yahoo.com/quote/RAND.AS/financials?p=RAND.AS55128.005.00
59
US Fertility healthcare11unknownunknown42020NOVUSANot revealedhttps://www.bleepingcomputer.com/news/security/ransomware-hits-largest-us-fertility-network-patient-data-stolen/56117.924.92
60
UHSUniversal Health Serviceshealthcare2511,5596767costunknown42020OCTUSARyukUHS12/30/2020lost $67 million due to damageshttps://www.bleepingcomputer.com/news/security/universal-health-services-lost-67-million-due-to-ryuk-ransomware-attack/https://finance.yahoo.com/quote/UHS/financials?p=UHS57107.834.83
61
Barnes & Noblenotable American booksellerretail251,851unknownunknown42020OCTUSAEgregorBNED4/29/2020https://www.bleepingcomputer.com/news/security/barnes-and-noble-hit-by-egregor-ransomware-strange-data-leaked/https://finance.yahoo.com/quote/BNED/financials?p=BNED58107.834.83
62
BlackbaudAmerican cloud computing providertech10913unknownransom paid42020JULUSANot revealedBLKB12/30/2020amt not revealed but ransom paidhttps://techcrunch.com/2020/10/07/decrypted-blackbaud-ransomware-attack-gets-worse/https://www.bleepingcomputer.com/news/security/blackbaud-ransomware-gang-had-access-to-banking-info-and-passwords/https://finance.yahoo.com/quote/BLKB/financials?p=BLKB5977.584.58
63
Habana Labsdevelops AI and DL solutions, bought by Inteltech523unknownunknown42020DECIsraelHabana Labs is an Israeli company that develops AI processors and was purchased by Intel for 2 billion in 2019. It is believed that the attack was caused by Iranian hackers and was not meant to generate revenue but to cause havoc for Israeli interests, since this was one of other multiple attacks on Israeli companies.yPay2KeyPRIVATE11-50https://www.bleepingcomputer.com/news/security/intels-habana-labs-hacked-by-pay2key-ransomware-data-stolen/https://finance.yahoo.com/company/habana?h=eyJlIjoiaGFiYW5hIiwibiI6IkhhYmFuYSJ9&.tsrc=fin-srch60128.005.00
64
Gedia Automotive Groupautomotive10237unknownrefused42020JANGermanyREvil4200+https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-threatens-to-publish-data-of-automotive-group/https://www.gedia.com/en/unternehmen/profile6117.084.08
65
TalmanAustralian wool IT companytech510unknownunknown42020FEBAustraliaThe Talman Software is used by more than 75% of the wool industry in Australia and New Zealand. The attack forced the buying and trading system to go offline. The chief executive stated he cannot recall of any other incident that affected the wool industry as much as this attack did.yNot revealedhttps://www.abc.net.au/news/rural/2020-02-27/ransomware-cyber-attack-cripples-australian-wool-sales/12007912https://www.itnews.com.au/news/australian-wool-sales-stopped-by-ransomware-attack-5386576227.174.17
66
Whirlpooltech2519,456unknownunknown42020DECUSANefilimWHR12/30/2020leaked data included documents related to employee benefits, accommodation requests, medical information requests, background checks, and more.https://www.bleepingcomputer.com/news/security/home-appliance-giant-whirlpool-hit-in-nefilim-ransomware-attack/https://finance.yahoo.com/quote/WHR/financials?p=WHR63128.005.00
67
Symriseworld's major producer of flavours & fragrancesfood & beverage254,269unknownunknown42020DECGermanyClopSY1.DE12/30/2020attackers allegedly stole 500 GB of unencrypted files and encrypted close to 1,000 devices.https://www.bleepingcomputer.com/news/security/flavors-designer-symrise-halts-production-after-clop-ransomware-attack/https://finance.yahoo.com/quote/SY1.DE/financials?p=SY1.DE64128.005.00
68
Haberdashers’ Monmouth Schoolsacademic131.41.4refused42020DECUKNot revealedhttps://blocksandfiles.com/2020/12/09/airgapped-defence-helps-schools-in-ransomware-attack/65128.005.00
69
EmbraerBrazilian plane maker & the world's third-largest airplane maker, after Boeing and Airbustech10746unknownunknown42020DECBrazilRansomEXXERJ12/30/2020data was leakedhttps://www.zdnet.com/article/hackers-leak-data-from-embraer-worlds-third-largest-airplane-maker/https://finance.yahoo.com/quote/ERJ/financials?p=ERJ66128.005.00
70
K12American e-learning platformacademic10509unknownransom paid42020DECUSARyukamt is not known but it was paidhttps://www.bleepingcomputer.com/news/security/k12-online-schooling-giant-pays-ryuk-ransomware-to-stop-data-leak/67128.005.00
71
Endemol Shinepopular Dutch media companymedia & sport569unknownunknown42020NOVFranceDoppelPaymerPRIVATE1001-5000https://www.bleepingcomputer.com/news/security/masterchef-big-brother-producer-hit-by-doppelpaymer-ransomware/https://finance.yahoo.com/company/endemol-shine-group?h=eyJlIjoiZW5kZW1vbC1zaGluZS1ncm91cCIsIm4iOiJFbmRlbW9sIFNoaW5lIEdyb3VwIn0=&.tsrc=fin-srch68117.924.92
72
Delaware Countygovernment11500,0000.5ransom paid42020NOVUSADoppelPaymerhttps://www.bleepingcomputer.com/news/security/pennsylvania-county-pays-500k-ransom-to-doppelpaymer-ransomware/69117.924.92
73
Manchester United media & sport10675unknownunknown42020NOVUKNot revealedhttps://www.theguardian.com/football/2020/nov/27/manchester-united-still-crippled-by-disruptive-cyber-attack70117.924.92
74
E-LandSouth Korean conglomerate and retail giantretail510unknownunknown42020NOVSouth KoreaNot revealedPRIVATE1001-500023 of its retail stores suspended operations while they deal with the attack.https://www.bleepingcomputer.com/news/security/ransomware-forces-e-land-south-korean-retail-giant-to-close-stores/https://www.glassdoor.co.in/Overview/Working-at-The-E-LAND-Group-EI_IE428069.11,27.htm71117.924.92
75
Managed.comleading web hosting solutions providertech15500,0000.5unknown42020NOVUSAREvilhttps://www.bleepingcomputer.com/news/security/revil-ransomware-hits-managedcom-hosting-provider-500k-ransom/https://managed.com/about/72117.924.92
76
Cencosudone of Latin America's largest retail companiesretail2513,676unknownunknown42020NOVChileEgregor
CENCOSUD.SN
https://www.bleepingcomputer.com/news/security/retail-giant-cencosud-hit-by-egregor-ransomware-attack-stores-impacted/https://finance.yahoo.com/quote/CENCOSUD.SN/financials?p=CENCOSUD.SN73117.924.92
77
Miltenyi BiotecGerman biotech companyhealthcare10877unknownunknown42020NOVGermanyMountLockerPRIVATE1001-5000ransomware actors have leaked 5% out of the 150 GB of data they claim to have stolenhttps://www.bleepingcomputer.com/news/security/biotech-research-firm-miltenyi-biotec-hit-by-ransomware-data-leaked/https://finance.yahoo.com/company/miltenyi-biotec?h=eyJlIjoibWlsdGVueWktYmlvdGVjIiwibiI6Ik1pbHRlbnlpIEJpb3RlYyJ9&.tsrc=fin-srch74117.924.92
78
CompalTaiwanese electronics company producing for HP, Dell, Toshibatech10037,877unknownunknown42020NOVTaiwanDoppelPaymer2324.TW12/30/2020https://www.zdnet.com/article/compal-the-second-largest-laptop-manufacturer-in-the-world-hit-by-ransomware/https://finance.yahoo.com/quote/2324.TW/financials?p=2324.TW75117.924.92
79
GEO Groupruns private prisons & illegal immigration detention centres in the US & other countriesgovernment252,350unknownunknown42020NOVUSANot revealedGEO12/30/2020Personal data and health information for some inmates and residents was exposed during the incidenthttps://www.zdnet.com/article/company-that-runs-us-illegal-immigration-detention-centers-discloses-ransomware-attack/https://finance.yahoo.com/quote/GEO/financials?p=GEO76117.924.92
80
Campari Grouppopular Italian beverage company known for Campari, Frangelico, Epsolonfood & beverage252,0001515unknown42020NOVItalyRagnar Lockerhttps://www.bleepingcomputer.com/news/security/campari-hit-by-ragnar-locker-ransomware-15-million-demanded/77117.924.92
81
CapcomJapanese game developer of popular games such as Resident Evil and Street Fightergaming10081,5911111unknown42020NOVJapanRagnar LockerCCOEY3/30/2020https://www.bleepingcomputer.com/news/security/capcom-hit-by-ragnar-locker-ransomware-1tb-allegedly-stolen/https://finance.yahoo.com/quote/CCOEY/financials?p=CCOEY78117.924.92
82
Mattelretail254,584unknownunknown42020NOVUSANot revealedMAT12/30/2020https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/https://finance.yahoo.com/quote/MAT/financials?p=MAT79117.924.92
83
GPIGaming Partners Internationalone of the world's largest supplier of casino currencymedia & sport587unknownunknown42020OCTUSAREvilhttps://www.forbes.com/sites/leemathews/2020/10/31/ransomware-gang-claims-international-casino-equipment--supplier-as-latest-victim/?sh=7fefe88468b280107.834.83
84
Dr.Reddy's LaboratoriesIndian multinational pharmaceutical companyhealthcare252,592unknownrefused42020OCTIndiaNot revealed
DRREDDY.BO
3/30/2021https://timesofindia.indiatimes.com/city/hyderabad/dr-reddys-admits-to-ransomware-attack-says-still-restoring-data-investigating-origin/articleshow/78921019.cmshttps://finance.yahoo.com/quote/DRREDDY.BO/financials?p=DRREDDY.BO81107.834.83
85
Steelcaseworld's largest office furniture manufacturerlogistics252,596unknownunknown42020OCTUSARyukSCS2/27/2021https://www.bleepingcomputer.com/news/security/steelcase-furniture-giant-hit-by-ryuk-ransomware-attack/https://finance.yahoo.com/quote/SCS/financials?p=SCS82107.834.83
86
Boyne Resortsoperates golf and ski resorts across USA & Canadamedia & sport10916unknownunknown42020OCTUSA, CanadaWastedLocker11000+https://www.bleepingcomputer.com/news/security/wastedlocker-ransomware-hits-boyne-resorts-ski-resort-operator/https://www.boyneresorts.com/about-us83107.834.83
87
VastaamoFinish psychotherapy clinichealthcare510200 euros per patient0.49unknown42020OCTFinlandConfidential records of thousands of psychotherapy patients were hacked and leaked online. Patients received emails with a demand of 200 euros in BTC to prevent the contents of their discussions with therapists being made public.yNot revealedransom is our calc (200 euro * 2000 patients)https://www.theguardian.com/world/2020/oct/26/tens-of-thousands-psychotherapy-records-hacked-in-finland84107.834.83
88
STMSociété de transport de Montréaltransport11unknownunknown42020OCTCanadaRansomEXXhttps://www.bleepingcomputer.com/news/security/montreals-stm-public-transport-system-hit-by-ransomware-attack/85107.834.83
89
Haldiram'sIndian snacks and food giantretail10546750,0000.75unknown42020OCTIndiaNot revealedhttps://timesofindia.indiatimes.com/city/noida/haldirams-hit-by-ransomware-attack-hackers-asked-for-7-5l/articleshow/78712465.cmshttp://www.haldiram.com/news/becomes-Indias-biggest-snack-maker-with-a-turnover-of-rs-4000-crore86107.834.83
90
Crytekleading game developers of games such as Crysis & Hunt:Showdowngaming10116unknownunknown42020OCTGermanyEgregorIn addition to encrypting the devices, the Egregor gang claims to have stolen unencrypted files from Crytek and leaked a 380MB archive on their data leak site.https://www.bleepingcomputer.com/news/security/crytek-hit-by-egregor-ransomware-ubisoft-data-leaked/87107.834.83
91
Yazoo County School Districtacademic510300,0000.3ransom paid42020OCTUSANot revealedhttps://www.infosecurity-magazine.com/news/cyberattack-on-mississippi-schools/88107.834.83
92
Ardonagh GroupUK's second largest privately owned insurance brokerfinance251,0009494costunknown42020OCTUKNot revealedPRIVATE5001-10000$94 million in losseshttps://www.theregister.com/2020/10/06/ardonagh_group_ransomware/https://finance.yahoo.com/company/the-ardonagh-group?h=eyJlIjoidGhlLWFyZG9uYWdoLWdyb3VwIiwibiI6IlRoZSBBcmRvbmFnaCBHcm91cCJ9&.tsrc=fin-srch89107.834.83
93
ERTeResearchTechnologymajor American health tech firmhealthcare10612unknownunknown42020OCTUSANot revealedCoronavirus clinical trials disrupted by the ransomware attackhttps://www.cpomagazine.com/cyber-security/ransomware-attack-on-a-major-health-tech-firm-slows-down-several-covid-19-clinical-trials/90107.834.83
94
Tyler TechnologiesUS' largest software providertech251,11744costransom paid42020SEPUSARansomEXXTYL12/30/2020lost $4 million in saleshttps://www.bleepingcomputer.com/news/security/tyler-technologies-paid-ransomware-gang-for-decryption-key/https://www.crn.com/news/channel-programs/tyler-technologies-lost-4-million-in-sales-due-to-ransomware-attackhttps://finance.yahoo.com/quote/TYL/financials?p=TYL9197.754.75
95
IPG Photonicsleading American laser developergovernment251,201unknownunknown42020SEPUSARansomEXXIPGP12/30/2020https://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/https://finance.yahoo.com/quote/IPGP/financials?p=IPGP9297.754.75
96
AnglicareAustralian organization holding records on adoption, mental health services, etchealthcare558unknownrefused42020SEPAustraliaNot revealed17 gigabytes of data was transmitted to a remote locationhttps://www.abc.net.au/news/2020-09-19/anglicare-sydney-victim-of-cyber-security-breach-involving-data/126815109397.754.75
97
Dusseldorf University Hospitalhealthcare11unknownunknown42020SEPGermanyThe ransomware attack on Dusseldorf Hospital reported in the first ever human death caused due to a cyber attack. A woman patient died while being rerouted to another hospital since Dusseldorf was unable to receive her as it was in the midst of dealing with the attack. The ransomware gang had withdrawn its ransom demands after the German police reached out to them and MAY turn the investigation into a murder case if the gang and hospital downtime are directly related to the cause of death.yNot revealedhttps://www.zdnet.com/article/first-death-reported-following-a-ransomware-attack-on-a-german-hospital/9497.754.75
98
Artech Information Systemsone of the largest US IT staffing companieslogistics10810unknownunknown42020SEPUSAREvil10500
Personal, financial, and health info exposed in the attack
https://www.bleepingcomputer.com/news/security/us-staffing-firm-artech-discloses-ransomware-attack-data-breach/https://www.artech.com/overview/about-us/9597.754.75
99
Development Bank of Seychellesfinance12unknownunknown42020SEPSeychellesNot revealedCustomer and bank info potentially stolenhttps://www.bleepingcomputer.com/news/security/development-bank-of-seychelles-hit-by-ransomware-attack/9697.754.75
100
SoftServeone of Ukraine's largest IT companiestech251,000unknownunknown42020SEPUkraineRansomEXX9000Customers' source code allegedly stolenhttps://www.bleepingcomputer.com/news/security/softserve-hit-by-ransomware-windows-customization-tool-exploited/https://www.softserveinc.com/en-us/about-us9797.754.75