Exploit: Ransomware
Merseyrail: Train Operator
Risk to Business: 1.672 = Severe
Merseyrail, a UK rail network that provides train service through 68 stations in the Liverpool area, has been hit with a suspected ransomware attack. Reporters have been contacted by the LockBit ransomware gang claiming responsibility. The gang supposedly accessed the rail company’s systems through a compromised administrator email account. The cybercriminals claim to have personal information about the railway’s employees and business data. The incident is under investigation.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware, especially targeted ransomware, is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen about disrupting business operations and holding them hostage until they’re paid.