Play Ransomware Gang Attack A Spanish Bank

Uploaded on 2023-06-10 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

One of Spain’s largest banking institutions, Globalcaja,  has been hit by a ransomware attack affecting multiple branches. The attack is understood to have been carried out by the Play ransomware group, also known as PlayCrypt. The ransomware’s name is derived from its behaviour, as it adds the extension “.play” after encrypting files. Its ransom note also contains the single word, “PLAY,” along with the ransomware group’s contact email address. 

The ransomware gang is claiming Globalcaja is one of its latest victims and says it has gained access to both private and personal data, as well as numerous client and employee documents. Passport information and confidential contracts were also noted amongst the list of data seized during the incident. The bank has not confirmed that it has paid any ransom.

Globalcaja has nearly half a million customers and the bank provides a wide range of services. It manages a substantial portfolio of consumer loans, totalling over $4.6 billion, and employs approximately 1,000 people. The bank said that it "activated security” protocols designed to mitigate the impact of a potential breach. “From the very beginning, at Globalcaja we activated the security protocols created for this purpose, which led us to disable some office posts and temporarily limit the performance of some operations,” said the bank.  “We continue to work hard to finish normalising the situation and are analysing what happened, prioritising security at all times.”

This attack is the latest in a number of high-profile attacks conducted by the ransomware group, which has become more widely known following a series of high-profile attacks last year.

Play ransomware was used to attack the German hotel chain, H-Hotels and the State of New York Polytechnic college in 2022. This group also hit organisations across Latin America and has a track record of deploying attacks on companies operating in India, Hungary, the Netherlands, and Spain. 

Spanish financial institutions have been a hacking target for a long time, but the country has been dealing with more ransomware incidents in 2023, with one attack hitting a Barcelona hospital crippling a and another bringing down a Spanish fun park company.

Avertium:     Trend Micro:     The Record:     Computing:    Cybernews:    Bleepimg Computer:      ITPro:

You Might Also Read:

Top Six Cyber Secure Countries:
___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« XDR vs. SIEM: Do You Need One or Both?
To Succeed With Zero Trust, First Define Success »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NuHarbor Security

NuHarbor Security

NuHarbor is a leading information security consulting and advisory firm specializing in Information Security, Compliance, and Risk Management.

Spirion

Spirion

Spirion offers data discovery, classification, and protection tools for your business's privacy, security, and compliance program to avoid gaps and risks.

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

Aptible

Aptible

Security Management and Compliance for Developers. Aptible helps teams pass information security audits and deploy audit-ready apps and databases.

ThirdWatch

ThirdWatch

ThirdWatch is a Data Science company with real-time automated fraud prevention solutions.

Control System Cyber Security Association International (CS2AI)

Control System Cyber Security Association International (CS2AI)

CS2AI is the premier global not for profit workforce development organization supporting professionals of all levels charged with securing control systems.

Opora

Opora

Opora is the leading cybersecurity provider of adversary behavior analytics “ABA” and preemptive security solutions.

Aegis Security

Aegis Security

Aegis Security helps clients to secure their systems against potential threats through pre-emptive measures, such as security assessments, and cutting-edge solutions to security challenges.

FPG Technologies & Solutions

FPG Technologies & Solutions

FPG Technology is a technology solutions provider and systems integrator, specializing in delivering IT Consulting, IT Security, Cloud, Mobility, Infrastructure solutions and services.

DarkFeed

DarkFeed

DarkFeed is a Threat Intelligence provider that monitors the darknet in real-time, where hackers and Cyber criminals are most active.

Action Fraud

Action Fraud

Action Fraud is the UK’s national reporting centre for fraud and cyber crime where you should report fraud if you have been scammed, defrauded or experienced cyber crime.

Cybervergent

Cybervergent

Cybervergent (formerly Infoprive) are a leading cybersecurity technology company in Africa. We provide cybersecurity guidance and solutions that help protect your business.

Lasso Security

Lasso Security

Lasso Security is a pioneer cybersecurity company ensuring comprehensive protection for businesses leveraging generative AI and other large language model technologies.

Abissi

Abissi

Abissi offer cyber intelligence, IoT security, automotive security, red teaming, application security and artificial intelligence security services, with a focus on security by design.

Black Belt Secure

Black Belt Secure

We provide critical cybersecurity services such as managed security, ransomware mitigation, penetration testing, system auditing and compliance services to your organization.

Gcore

Gcore

Gcore is an international leader in public cloud and edge computing, content delivery, hosting, and security solutions.