NetworkTigers highlights the eight largest ransomware demands of 2023.
In recent years, the digital landscape has witnessed an escalation in the frequency of ransomware attacks. Ransomware continues to hold businesses and organizations hostage, encrypting data and demanding substantial ransoms for its release.
Ransomware attack statistics for 2023
According to the 2023 State of Ransomware Report from the Malwarebytes Threat Intelligence team, there were 1,900 ransomware threats within four countries (Germany, the UK, the US, and France) in one year. The report reveals that the US experienced 43 percent of all global attacks, while the attacks doubled in France in the past five months.
Another report by Fortinet shows that cybersecurity threats increased by 37 percent in 2023, with enterprises grappling with an average ransom payment exceeding $100,000 and an average demand reaching $5.3 million. A global survey of cybersecurity professionals in 2023 disclosed that 36 percent of businesses fell victim to ransomware attacks due to exploited vulnerabilities.
Credential compromise emerged as the second most prevalent cause of successful ransomware attacks, followed by phishing emails. Here is our list of the top 8 largest ransomware demands of 2023
1. Harvard Pilgrim Health Care
In April 2023, a ransomware incident was discovered by Harvard Pilgrim Health Care, affecting systems supporting both Harvard Pilgrim Health Care Commercial and Medicare Advantage Stride plans. The breach exposed the personal details of around 2,550,922 patients.
The compromised files included sensitive information such as health insurance account details, taxpayer identification numbers, phone numbers, physical addresses, dates of birth, names, and clinical data. The criminals demanded a ransom of $50 million.
2. The University of California
In May 2023, the University of California fell victim to a ransomware attack that encrypted confidential information across its servers. The university has not publicly disclosed specific information regarding the number of individuals impacted or the details of the attack. The cyber attackers demanded a ransom of $40 million.
3. The Kroger Co.
In June 2023, The Kroger Co., a prominent grocery retailer, experienced a ransomware attack that impacted its supply chain operations. The attackers, demanding a ransom of $30 million, exploited a vulnerability in the file-transfer product FTA, developed by Accellion.
The incident did not compromise Kroger’s IT systems, and no customer financial information was breached. However, the attack disrupted payment processing and inventory management, causing disruptions to the company’s supply chain.
4. The Boeing Company
In July 2023, The Boeing Company, fell victim to a ransomware attack, causing disruptions to its operations. The hackers demanded a ransom of $25 million. The attack exploited a file-transfer product named FTA. The incident did not affect Boeing’s IT systems; no customer financial information was compromised. However, the attack disrupted payment processing and inventory management, causing operational challenges.
The company has not disclosed the details of the attack and the extent of the affected individuals. A Russian LockBit ransomware group claimed responsibility and threatened to disclose the stolen information online if the company refused to pay the ransom.
5. The Coca-Cola Company
In August 2023, The Coca-Cola Company encountered a ransomware attack that affected its operations. The attackers demanded a $20 million ransom. The attack utilized a file-transfer product named FTA. The incident did not affect Coca-Cola’s IT systems; no customer financial data was compromised. However, the attack affected the company’s payment processing and inventory management, resulting in operational disruptions.
Although the details of the attack and the number of individuals affected were not disclosed, the attackers, a group known as Stormous, claimed responsibility and threatened to leak online confidential information unless the ransom was paid.
6. The Ford Motor Company
In September 2023, Ford Motor Company encountered a ransomware attack that impacted its operations. The criminals demanded a $15 million ransom. The attackers exploited a file-transfer product, FTA, developed by Accellion. The attack did not affect Ford’s IT systems; no customer financial data was compromised. However, the attack impacted payment processing and inventory management, causing operational disruptions.
While Ford has not disclosed specific details of the attack and the number of affected individuals, the responsible group, Black Basta, claimed responsibility and threatened to leak the confidential data online if the ransom wasn’t paid.
7. The Walt Disney Company
In October 2023, The Walt Disney Company faced a ransomware attack that affected its operations. The criminals executed the attack through Accellion’s file-transfer product, FTA, and demanded a ransom of $12 million. The incident did not compromise Disney’s IT systems. However, it impacted the company’s payment processing and inventory management, causing disruptions.
Although specific details of the attack and the number of individuals affected remain undisclosed, the responsible group, known as Stormous, claimed responsibility and threatened to leak private data online if the ransom wasn’t paid.
8. The Procter & Gamble Company
In November 2023, The Procter & Gamble Company fell victim to a ransomware attack that affected its operations. The attackers exploited a file-transfer product, FTA, developed by Accellion and demanded a $10 million ransom. The incident did not compromise Procter & Gamble’s IT systems, and no customer financial information was breached. However, the attack impacted the company’s payment processing and inventory management, causing operational disruptions.
While the company has not disclosed specific details about the attack or the number of affected individuals, the group responsible, Black Basta, claimed responsibility and threatened to release the confidential information online if the ransom wasn’t paid.
