Cyber Breaches

RansomwareRansom paidJuly 23, 2020

Garmin WastedLocker ransomware (Evil Corp)

Evil Corp deployed the WastedLocker ransomware against Garmin, taking flyGarmin aviation services, Garmin Connect, and inReach satellite messaging offline for five days. Garmin paid an estimated $10M ransom despite OFAC sanctions on Evil Corp.

Victim: Garmin Ltd.
Loss: $30.0M

RansomwareRansom paidDecember 23, 2019

Maastricht University Clop ransomware (Netherlands, 2019)

TA505 used Clop ransomware to encrypt 267 Maastricht University servers over Christmas 2019 after two phishing emails on 15–16 October had compromised the network. The university paid 30 BTC (~$220,000). The ransom Bitcoin — later seized from a money mule — was returned and had appreciated, leaving the university ahead by ~$300,000.

Victim: Maastricht University
Loss: $220.0K

Related incidents

Garmin WastedLocker ransomware (Evil Corp)

Maastricht University Clop ransomware (Netherlands, 2019)