Play Ransomware Gang Attack A Spanish Bank

One of Spain’s largest banking institutions, Globalcaja,  has been hit by a ransomware attack affecting multiple branches. The attack is understood to have been carried out by the Play ransomware group, also known as PlayCrypt. The ransomware’s name is derived from its behaviour, as it adds the extension “.play” after encrypting files. Its ransom note also contains the single word, “PLAY,” along with the ransomware group’s contact email address. 

The ransomware gang is claiming Globalcaja is one of its latest victims and says it has gained access to both private and personal data, as well as numerous client and employee documents. Passport information and confidential contracts were also noted amongst the list of data seized during the incident. The bank has not confirmed that it has paid any ransom.

Globalcaja has nearly half a million customers and the bank provides a wide range of services. It manages a substantial portfolio of consumer loans, totalling over $4.6 billion, and employs approximately 1,000 people. The bank said that it "activated security” protocols designed to mitigate the impact of a potential breach. “From the very beginning, at Globalcaja we activated the security protocols created for this purpose, which led us to disable some office posts and temporarily limit the performance of some operations,” said the bank.  “We continue to work hard to finish normalising the situation and are analysing what happened, prioritising security at all times.”

This attack is the latest in a number of high-profile attacks conducted by the ransomware group, which has become more widely known following a series of high-profile attacks last year.

Play ransomware was used to attack the German hotel chain, H-Hotels and the State of New York Polytechnic college in 2022. This group also hit organisations across Latin America and has a track record of deploying attacks on companies operating in India, Hungary, the Netherlands, and Spain. 

Spanish financial institutions have been a hacking target for a long time, but the country has been dealing with more ransomware incidents in 2023, with one attack hitting a Barcelona hospital crippling a and another bringing down a Spanish fun park company.

Avertium:     Trend Micro:     The Record:     Computing:    Cybernews:    Bleepimg Computer:      ITPro:

You Might Also Read:

Top Six Cyber Secure Countries:
___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

« XDR vs. SIEM: Do You Need One or Both?
To Succeed With Zero Trust, First Define Success »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Infineon Technologies

Infineon Technologies

Infineon is a leader in semiconductor solutions for a huge range of applications including automation, smart systems and security for the Internet of Things.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

Coursera

Coursera

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online. Subject areas include Computer Security & Networks.

CIO Dive

CIO Dive

CIO Dive provides news and analysis for IT executives in areas including IT strategy, cloud computing, cyber security, big data, AI, software, infrastructure, dev ops and more.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

Austrian Trust Circle

Austrian Trust Circle

Austrian Trust Circle is an initiative of CERT.at and the Austrian Federal Chancellery and consists of Security Information Exchanges in the areas of the strategic information infrastructure.

Idaptive

Idaptive

Idaptive delivers Next-Gen Access through a zero trust approach. Idaptive secures access everywhere with single sign-on, adaptive MFA, EMM and analytics.

Marcus Donald People

Marcus Donald People

Marcus Donald People is a UK IT recruitment specialist covering the following sectors: Infrastructure & Cloud, Information Security, Development, Business transformation.

Baker Donelson

Baker Donelson

Baker Donelson is a law firm with a team of more than 700 attorneys and advisors representing more than 30 practice areas including Data Protection, Privacy and Cybersecurity.

Fairfirst Insurance

Fairfirst Insurance

Fairfirst Cyber Insurance protects your business assets against the complexity of cyber threats.

White Cloud Security

White Cloud Security

White Cloud is a cloud-based Application Trust-Listing security service that prevents unauthorized programs from running on your computers.

WidePoint

WidePoint

WidePoint Corporation is an innovative provider of Trusted Mobility Management (TM2) solutions.

SpeQtral

SpeQtral

SpeQtral offers commercial space-based Quantum Key Distribution (QKD) founded on technology developed at the National University of Singapore.

Chorus

Chorus

Chorus are a leading Managed Security Service Provider (MSSP), and member of the Microsoft Intelligent Security Association (MISA), with three Microsoft Advanced Specialisations in security.

Cork

Cork

Cork is a purpose-built cyber warranty company for managed service providers (MSPs) serving small businesses (SMBs) and the software solutions they manage.

Toro Solutions

Toro Solutions

Toro provide managed security & consultancy to keep governments, businesses & society resilient in the space where cyber, physical & people security converge.