Globalcaja, a large Spanish bank, has confirmed that it’s been affected by a ransomware attack. Cybercriminal gang Play has claimed the attack.
The Spanish financial institution has released a statement saying that it registered a “cyber incident” that infected local computers with ransomware.
“The attack has not affected the transactions of the organization (neither the accounts nor the agreements of the clients have been compromised), so it’s possible to use electronic banking, as well as ATMs,” Globalcaja said.
The company said it has activated security protocols, disabled some of its systems, and limited the operation of others.
Play ransomware claimed the attack on June 2nd, posting Globalcaja on its dark web blog. The blog is commonly used to showcase the gang’s latest victims.
According to the hackers, they were able to steal confidential data, client and employee documents, passports, contracts, and other data. The gang did not specify how large the stolen dataset was.
Globalcaja operates primarily in Spain. The financial institution has over 450,000 customers, controls nearly $5 billion in assets, and boasts over $38 million net profit.
Play ransomware is a relative newcomer to the game, first spotted in June 2022 and described as being inspired by Hive, a similar gang that has reportedly folded. According to the dark-web monitoring platform DarkFeed, it has so far victimized 114 organizations.
Most notably, Play was behind the crippling attacks against the city of Oakland, California, and BMW France, which BMW later narrowed down to a local dealer of its vehicles operating independently of the auto giant.
Your email address will not be published. Required fields are markedmarked