September 26, 2022  —  Eric Swotinsky

Hive ransomware gang claims several new major victims

The infamous Hive ransomware gang has been busy lately. Just in the last week, they've claimed responsibility for four new victims.

One of these was Bell Technical Solutions (BTS), an organization with more than 4,500 employees. They specialize in installing Bell services for residential and small business customers across the Ontario and Québec provinces of Canada.

The Hive attackers also gained access to the systems of Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider. Over 320,000 individuals were affected by this incident.

The New York Racing Association, which is the operator of the three largest thoroughbred horse racing tracks in New York, was impacted as well. Threat actors published a ZIP file with exfiltrated information, including Social Security numbers, driver’s license identification numbers, health records and health insurance information.

Finally, Hive added an iconic luxury hotel located in Miami Beach, Florida to their list of victims. The attackers claim to have stolen signed contracts, NDAs and other agreement docs with artists.

The Active Protection included in Acronis Cyber Protect Cloud detects and blocks ransomware from Hive and other groups, keeping your data safe from encryption or extortion. The Advanced Data Loss Prevention pack provides additional monitoring of data loss and protection against exfiltration attempts.